CVE-2021-43584 Information

Description

DOM-based Cross Site Scripting (XSS vulnerability in ‘Tail Event Logs’ functionality in Nagios Nagios Cross-Platform Agent (NCPA) before 2.4.0 allows attackers to run arbitrary code via the name element when filtering for a log.

Reference

https://github.com/NagiosEnterprises/ncpa/issues/830