Vulnerabilities > Nagios > Nagios XI > 5.5.11
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-11-16 | CVE-2020-27989 | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in Dashboard Tools (Edit Dashboard). | 5.4 |
2020-11-16 | CVE-2020-27988 | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in Manage Users (Username field). | 5.4 |
2020-11-16 | CVE-2020-28648 | Improper Input Validation vulnerability in Nagios XI Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code. | 8.8 |
2020-09-09 | CVE-2020-15903 | Unspecified vulnerability in Nagios XI An issue was found in Nagios XI before 5.7.3. | 9.8 |
2020-07-22 | CVE-2020-15902 | Cross-site Scripting vulnerability in Nagios XI Graph Explorer in Nagios XI before 5.7.2 allows XSS via the link url option. | 6.1 |
2020-07-22 | CVE-2020-15901 | Unspecified vulnerability in Nagios XI In Nagios XI before 5.7.3, ajaxhelper.php allows remote authenticated attackers to execute arbitrary commands via cmdsubsys. | 8.8 |
2019-09-05 | CVE-2019-15949 | OS Command Injection vulnerability in Nagios XI Nagios XI before 5.6.6 allows remote command execution as root. | 8.8 |