Nagios · Nagios Core · CVE-2018-18245
**Name of the Vulnerable Software and Affected Versions**
Nagios Core version 4.4.2
**Description**
The issue concerns an XSS flaw in the alert summary reports of plugin results. This can be demonstrated by a SCRIPT element delivered by a modified check load plugin to NRPE, allowing for potential exploitation.
**Recommendations**
For Nagios Core version 4.4.2, update to a version that includes a fix for this issue to prevent XSS attacks.