CNNVD-202602-016 Information
CNNVD ID
CNNVD-202602-016
Related CVE
- CNNVD Published: 2026-02-01
Description (Chinese)
Icinga Web 2是Icinga开源的一个开源监控和度量解决方案。 Icinga Web 2 2.8.2版本存在跨站脚本漏洞,该漏洞源于icinga.min.js文件存在客户端跨站脚本漏洞,可能导致会话劫持和非持久性钓鱼攻击。
Description (English)
Icinga Web 2 is an open source monitoring and measurement solution for the Icinga Open Source. The Icinga Web 2 2.8.2 version has a cross-site script loophole, which stems from the icinga.min.js file and the client’s cross-site script loophole, which may lead to conversational hijacking and non-persistent fishing attacks.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
Icinga
Published
2026-02-01
Last Modified
2026-02-24
References
https://www.vulncheck.com/advisories/inciga-web-client-side-cross-site-scripting-via-eventlistener https://icinga.com/ https://www.vulnerability-lab.com/get_content.php?id=2273 https://github.com/Icinga/icingaweb2
Patch
https://icinga.com/docs/icinga-web/latest/doc/02-Installation/#installation
Share on: