CVE-2017-6393

Name of the Vulnerable Software and Affected Versions NagVis version 1.9b12

Description The issue is caused by insufficient filtration of user-supplied data passed to the "nagvis-master/share/userfiles/gadgets/std table.php" URL. This allows an attacker to execute arbitrary HTML and script code in a browser in the context of the vulnerable website.

Recommendations For NagVis version 1.9b12, as a temporary workaround, consider restricting access to the "nagvis-master/share/userfiles/gadgets/std table.php" URL until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.