Iamaldio

**Name of the Vulnerable Software and Affected Versions** Nagios Nagios Cross-Platform Agent (NCPA) versions prior to 2.4.0 **Description** The issue is related to a DOM-based Cross Site Scripting (XSS) vulnerability in the 'Tail Event Logs' functionality. This vulnerability allows attackers to run arbitrary code via the `name` element when filtering for a log. **Recommendations** For versions prior to 2.4.0, update to version 2.4.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the 'Tail Event Logs' functionality until a patch is applied. Avoid using the `name` element for filtering logs in the affected functionality until the issue is resolved.