CVE-2023-53689

CVSS v2.0

8.5

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:N

Name of the Vulnerable Software and Affected Versions Nagios Fusion versions prior to 4.2.0

Description Nagios Fusion versions prior to 4.2.0 have a reflected cross-site scripting (XSS) issue in the license key configuration process. This allows an attacker to execute scripts in a user's browser by tricking them into following a specially crafted URL. Successful exploitation can lead to the theft of credentials or session information, potentially granting unauthorized administrative access.

Recommendations Update to Nagios Fusion version 4.2.0 or later.

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

BDU:2025-15969

CVE-2023-53689

Affected Products

Nagios Fusion

CVE-2023-53689

Weakness Enumeration

Related Identifiers

Affected Products

References · 7