Vulnerabilities > Nagios > Nagios XI > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-09-15 | CVE-2021-38156 | Cross-site Scripting vulnerability in Nagios XI In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard. | 3.5 |
| 2020-11-16 | CVE-2020-27988 | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in Manage Users (Username field). | 3.5 |
| 2020-11-16 | CVE-2020-27989 | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in Dashboard Tools (Edit Dashboard). | 3.5 |
| 2020-11-16 | CVE-2020-27990 | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool (add agent). | 3.5 |
| 2020-11-16 | CVE-2020-27991 | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in Account Information (Email field). | 3.5 |
| 2020-03-22 | CVE-2020-10819 | Cross-site Scripting vulnerability in Nagios XI 5.6.11 Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ username parameter. | 3.5 |
| 2020-03-22 | CVE-2020-10820 | Cross-site Scripting vulnerability in Nagios XI 5.6.11 Nagios XI 5.6.11 allows XSS via the includes/components/ldap_ad_integration/ password parameter. | 3.5 |
| 2020-03-22 | CVE-2020-10821 | Cross-site Scripting vulnerability in Nagios XI 5.6.11 Nagios XI 5.6.11 allows XSS via the account/main.php theme parameter. | 3.5 |
| 2019-12-30 | CVE-2019-20139 | Cross-site Scripting vulnerability in Nagios XI 5.6.9 In Nagios XI 5.6.9, XSS exists via the nocscreenapi.php host, hostgroup, or servicegroup parameter, or the schedulereport.php hour or frequency parameter. | 3.5 |
| 2019-07-10 | CVE-2018-17147 | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.5.4 has XSS in the auto login admin management page. | 3.5 |