CVE-2020-27990

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 5.7.5

Description The issue concerns a Cross-Site Scripting (XSS) vulnerability in the Deployment tool, specifically in the 'add agent' functionality. This type of vulnerability allows an attacker to inject malicious scripts into content from otherwise trusted websites.

Recommendations For Nagios XI versions prior to 5.7.5, update to version 5.7.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the Deployment tool to minimize the risk of exploitation.