CVE-2013-10071

Name of the Vulnerable Software and Affected Versions Nagios XI versions prior to 2012R1.6

Description The software contains a reflected cross-site scripting (XSS) issue in the dashboard dashlet AJAX load functionality. Insufficient validation or escaping of user-supplied input could allow an attacker to inject and execute arbitrary script in the context of a victim's browser.

Recommendations Update to version 2012R1.6 or later.