CNNVD-202510-4110 Information

CNNVD ID

CNNVD-202510-4110

Related CVE

CVE-2023-7323

• CNNVD Published: 2025-10-30

Description (Chinese)

Nagios Log Server是美国Nagios公司的一套集中式日志管理、监控和分析软件。 Nagios Log Server 2024R1之前版本存在安全漏洞，该漏洞源于创建用户功能中对用户输入验证和转义不足，可能导致跨站脚本攻击。

Description (English)

Nagios Log Server is a centralized log management, monitoring and analysis software for the United States company Nagios. There was a security loophole in the pre-Nagios Log Server 2024R1 version, which stemmed from the lack of user input validation and conversion in the creation of user functions, which could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Nagios

Published

2025-10-30

Last Modified

2026-02-24

References

https://www.nagios.com/changelog/nagios-log-server-2024r1/ https://www.vulncheck.com/advisories/nagios-log-server-xss-via-create-user-function

Patch

https://www.nagios.com/products/security/#log-server