Vulnerabilities > Thruk
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-29 | CVE-2024-23822 | Path Traversal vulnerability in Thruk Thruk is a multibackend monitoring webinterface. | 9.8 |
| 2023-06-08 | CVE-2023-34096 | Path Traversal vulnerability in Thruk Thruk is a multibackend monitoring webinterface which currently supports Naemon, Icinga, Shinken and Nagios as backends. | 8.8 |
| 2021-12-15 | CVE-2021-35490 | Cross-site Scripting vulnerability in Thruk Thruk before 2.44 allows XSS for a quick command. | 5.4 |
| 2021-11-09 | CVE-2021-35488 | Cross-site Scripting vulnerability in Thruk 2.402 Thruk 2.40-2 allows /thruk/#cgi-bin/status.cgi?style=combined&title={TITLE] Reflected XSS via the host or title parameter. | 6.1 |
| 2021-11-09 | CVE-2021-35489 | Cross-site Scripting vulnerability in Thruk 2.402 Thruk 2.40-2 allows /thruk/#cgi-bin/extinfo.cgi?type=2&host={HOSTNAME]&service={SERVICENAME]&backend={BACKEND] Reflected XSS via the host or service parameter. | 6.1 |