Vulnerabilities > Nagios > Nagios XI > 5.11.2
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-02-02 | CVE-2023-51072 | Cross-site Scripting vulnerability in Nagios XI A stored cross-site scripting (XSS) vulnerability in the NOC component of Nagios XI version up to and including 2024R1 allows low-privileged users to execute malicious HTML or JavaScript code via the audio file upload functionality from the Operation Center section. | 5.4 |
| 2023-12-14 | CVE-2023-48084 | SQL Injection vulnerability in Nagios XI Nagios XI before version 5.11.3 was discovered to contain a SQL injection vulnerability via the bulk modification tool. | 9.8 |
| 2023-12-14 | CVE-2023-48085 | Unspecified vulnerability in Nagios XI Nagios XI before version 5.11.3 was discovered to contain a remote code execution (RCE) vulnerability via the component command_test.php. | 9.8 |