Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

JQuery vulnerability in Nagios Log Server

https://support.nagios.com/forum/viewtopic.php?t=59007

Page 1 of 1

JQuery vulnerability in Nagios Log Server

Posted: Tue Jun 16, 2020 8:50 am
by RyanHe
We're trying to purchase Nagios Log Server and support for our federal customer and we're running a trial version on a Ubuntu vm. However, when we scan the server with Nessus Vulnerability Scanner it's finding a very out-of-date version of JQuery which has a known cross site scripting vulnerability.

URL: http://xxx.xxx.xxx.xxx/nagioslogserver/ ... sver=2.1.6

If there is a patch available to update the version of JQuery, and all references to it in Nagios Log Server, we would like to try that. Otherwise, we may not be able to get his past the review board at the agency and will not be able to purchase it.

Re: JQuery vulnerability in Nagios Log Server

Posted: Tue Jun 16, 2020 10:37 am
by benjaminsmith
HI @RyanHe,

Welcome to the Nagios Support Forum. I see you have an open ticket for this issue in our ticketing system, so I will be closing this out and we'll move the conversation to the ticket.

Thanks!
Benjamin Smith
Technical Support Manager
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited