Search found 4 matches
- Mon Aug 31, 2020 12:57 pm
- Forum: Nagios XI
- Topic: XIv5.7.2 - Jquery version 1.11.2 has cross-site script vuln
- Replies: 7
- Views: 3369
Re: XIv5.7.2 - Jquery version 1.11.2 has cross-site script v
Since it is internal, can I adjust the filesystem permissions so that only the nagios user can read the vulnerable jquery library so that it isn't seen by the scans? Will the PDF generator still work even if it can't get to the jquery library through an http:// URL?
- Fri Aug 28, 2020 2:30 pm
- Forum: Nagios XI
- Topic: XIv5.7.2 - Jquery version 1.11.2 has cross-site script vuln
- Replies: 7
- Views: 3369
Re: XIv5.7.2 - Jquery version 1.11.2 has cross-site script v
Actually, I just found out that removing this old jquery library is insufficient. There are a number of important people who rely on the PDF report functionality. Do you have any work-arounds available that will restore PDF reporting capabilities until the PDF generator feature is able to use a more...
- Thu Aug 27, 2020 3:20 pm
- Forum: Nagios XI
- Topic: XIv5.7.2 - Jquery version 1.11.2 has cross-site script vuln
- Replies: 7
- Views: 3369
Re: XIv5.7.2 - Jquery version 1.11.2 has cross-site script v
Thanks!
I've now made the file unreadable (chmod a-rwx jquery-1.11.*). This should keep our vulnerability scans from finding it.
I've now made the file unreadable (chmod a-rwx jquery-1.11.*). This should keep our vulnerability scans from finding it.
- Wed Aug 26, 2020 5:07 pm
- Forum: Nagios XI
- Topic: XIv5.7.2 - Jquery version 1.11.2 has cross-site script vuln
- Replies: 7
- Views: 3369
XIv5.7.2 - Jquery version 1.11.2 has cross-site script vuln
Trying to resolve a cross site vulnerability in NagiosXI v5.7.2-2 that our security scanner picked up on. I don't have much time to fix it. Looks like Nagios uses several different versions of jquery. Our security scan points out that the jquery version at the following location is vulnerable to a c...