Multiple cross-site scripting (XSS) vulnerabilities in config.c in config.cgi in (1) Nagios 3.2.3 and (2) Icinga before 1.4.1 allow remote attackers to inject arbitrary web script or HTML via the expand parameter, as demonstrated by an (a) command action or a (b) hosts action.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-06-14T17:00:00
Updated: 2017-08-28T12:57:01
Reserved: 2011-05-31T00:00:00
Link: CVE-2011-2179
JSON object: View
NVD Information
Status : Modified
Published: 2011-06-14T17:55:06.437
Modified: 2017-08-29T01:29:19.567
Link: CVE-2011-2179
JSON object: View
Redhat Information
No data.
CWE