CVE-2011-10040

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2011R1.9

Description The software is susceptible to cross-site scripting (XSS) through the link-handling functions utilized by status and report pages. Insufficient validation or escaping of user-supplied input could permit an attacker to inject and execute arbitrary script within a victim’s browser.

Recommendations Update to version 2011R1.9 or later.