Arbitrary Code Injection through Nagios XI's xiwindow Parameter
CVE-2019-9167 · MEDIUM Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Cross-site scripting (XSS) vulnerability in Nagios XI before 5.5.11 allows attackers to inject arbitrary web script or HTML via the xiwindow parameter.
Learn more about our Cis Benchmark Audit For Apple Ios.