XSS in PNP4Nagios (Two URL Cross-Site Scripting Vulnerabilities)

  •  
  •  
  •  
  •  
  •  
  •  
  •  
  •  

According to Exploit.php CVE request: pnp4nagios – Two URL Cross-Site Scripting Vulnerabilities was found

This vulnerability is caused by an input validation error in “views/kohana_error_page.php”. A remote attacker can send a specially crafted HTTP request to the vulnerable application and execute arbitrary html and scripting code in user`s browser in context of a vulnerable website.

Further exploitation of this vulnerability may result in stealing potentially sensitive to the user information, such as cookies, or disguising the information presented on the website.

This may be the fix:
For : Update to version 0.6.22.
Links: http://docs.pnp4nagios.org/pnp-0.6/dwnld

The following two tabs change content below.

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Unallocated Author

Please note that the article you are reading has an unallocated author as the original author is no longer employed at latesthackingnews.com, this has been put in place to adhere with general data protection regulations (GDPR). If you have any further queries, please contact: [email protected]

Leave a Reply