CVE-2025-56432

Name of the Vulnerable Software and Affected Versions: Nagios XI version 2024R2

Description: A cross-site scripting (XSS) vulnerability exists that allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-related data.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.