Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Nagios XI Cross Site Scripting Vulnerability

https://support.nagios.com/forum/viewtopic.php?t=42919

Page 1 of 1

Nagios XI Cross Site Scripting Vulnerability

Posted: Sun Mar 12, 2017 12:41 am
by researcher
Moderator Edit: This thread has been split from another - https://support.nagios.com/forum/viewto ... =6&t=34574
In the future, please create a new thread and link to the old one instead of adding on.

# Reflected XSS found on Nagios XI
example:
https://<target ip>/nagiosxi/login.php/hhbdq"-alert(1)-"napn9?redirect=/nagiosxi/index.php%3f&noauth=1

Re: Nagios XI Cross Site Scripting Vulnerability

Posted: Mon Mar 13, 2017 9:24 am
by tmcdonald
researcher wrote:# Reflected XSS found on Nagios XI
example:
https://<target ip>/nagiosxi/login.php/hhbdq"-alert(1)-"napn9?redirect=/nagiosxi/index.php%3f&noauth=1
For future reference, please send these reports to [email protected]

I am not able to reproduce this on the latest XI - What version were you testing against?
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited