CVE-2020-5790

Name of the Vulnerable Software and Affected Versions Nagios XI version 5.7.3

Description The issue allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. This is a result of cross-site request forgery.

Recommendations For Nagios XI version 5.7.3, consider implementing additional security measures to prevent cross-site request forgery attacks, such as validating user requests and ensuring that sensitive actions require explicit user confirmation. As a temporary workaround, restrict access to sensitive application features to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.