CNNVD-202510-4166 Information

CNNVD ID

CNNVD-202510-4166

Related CVE

CVE-2016-15049

• CNNVD Published: 2025-10-30

Description (Chinese)

Nagios Log Server是美国Nagios公司的一套集中式日志管理、监控和分析软件。 Nagios Log Server 1.4.2之前版本存在安全漏洞，该漏洞源于Dashboards部分的Logs表未安全编码日志内容，可能导致跨站脚本攻击。

Description (English)

Nagios Log Server is a centralized log management, monitoring and analysis software for the United States company Nagios. There was a security loophole in the earlier version of Nagios Log Server 1.4.2, which originated from the lack of secure logs on the Logs table in the Dashboards section, which could lead to cross-site script attacks.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Nagios

Published

2025-10-30

Last Modified

2026-02-24

References

https://www.nagios.com/changelog/nagios-log-server-2024r1/ https://www.vulncheck.com/advisories/nagios-log-server-dashboards-logs-table-xss

Patch

https://www.nagios.com/products/security/#log-server