Nagios XI jquery security issues
Posted: Fri Jul 19, 2024 4:28 pm
Hi,
We're running Nagios 2024 R1.
Our enterprise security team has requested that we shutdown our Nagios instance
because it contains a vulnerable version of the jQuery UI at v1.12.1.
Vulnerability scan results recommend that this be upgraded to at least
jQuery UI version 1.13.2.
Here are the cited vulnerabilities associated with jQuery UI.
Is there a way for us to ugprade jQuery UI used by NagiosXI, or
are there mitigiation steps we can take against the cited vulnerabilities or
are the vulnerabilities false postitives and not applicable to the jQuery UI
version used by NagiosXI.
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
CVE-2022-31160
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
CVE-2021-41184
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
CVE-2021-41183
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
CVE-2021-41182
We're running Nagios 2024 R1.
Our enterprise security team has requested that we shutdown our Nagios instance
because it contains a vulnerable version of the jQuery UI at v1.12.1.
Vulnerability scan results recommend that this be upgraded to at least
jQuery UI version 1.13.2.
Here are the cited vulnerabilities associated with jQuery UI.
Is there a way for us to ugprade jQuery UI used by NagiosXI, or
are there mitigiation steps we can take against the cited vulnerabilities or
are the vulnerabilities false postitives and not applicable to the jQuery UI
version used by NagiosXI.
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
CVE-2022-31160
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
CVE-2021-41184
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
CVE-2021-41183
jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Tooltip Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
jQuery UI Dialog Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability
CVE-2021-41182