CVE-2025-29471

Sažetak

Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the Email field.

Reference

https://www.exploit-db.com/exploits/52117
https://www.nagios.com/changelog/#log-server
https://youtu.be/MvJuIkdTSQg

CVSS

Base:	8.3
Impact:	6.0
Exploitability:	1.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	HIGH	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H

Zadnje važnije ažuriranje

23-04-2025 - 16:30

Objavljeno

15-04-2025 - 22:15