Arbitrary Code Injection through Nagios XI's xiwindow Parameter

Arbitrary Code Injection through Nagios XI's xiwindow Parameter

CVE-2019-9167 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Cross-site scripting (XSS) vulnerability in Nagios XI before 5.5.11 allows attackers to inject arbitrary web script or HTML via the xiwindow parameter.

Learn more about our Cis Benchmark Audit For Apple Ios.