Nagios XI Core Config Manager Cross-Site Scripting Vulnerability

A cross-site scripting (XSS) vulnerability has been identified in the Core Config Manager (CCM) of Nagios XI. This issue affects versions of Nagios XI prior to 5.8.9 and CCM versions prior to 3.1.7. The vulnerability arises from insufficient validation or escaping of user input in the Audit Log page search field, allowing attackers to inject and execute arbitrary scripts in the context of the victim's browser.

Impact

Exploitation of this vulnerability allows for cross-site scripting, where an attacker can inject malicious scripts that are executed in the context of the user's browser.

Reproduction

To reproduce this vulnerability, navigate to the Audit Log page in an affected version of Nagios XI. Use the search input to inject a script. The lack of proper input validation will allow the script to be executed, demonstrating the cross-site scripting vulnerability.

Remediation

Users can upgrade to Nagios XI version 5.8.9 or later, or to Core Config Manager version 3.1.7 or later, where this vulnerability has been fixed.