Required CVE Record Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in PNP4Nagios through 0.6.22 allow remote attackers to inject arbitrary web script or HTML via the URI used for reaching (1) share/pnp/application/views/kohana_error_page.php or (2) share/pnp/application/views/template.php, leading to improper handling within an http-equiv="refresh" META element.
References 5 Total
- https://github.com/lingej/pnp4nagios/commit/cb925073edeeb97eb4ce61a86cdafccc9b87f9bb
- secunia.com: 58973 third-party-advisory
- https://github.com/lingej/pnp4nagios/commit/e4a19768a5c5e5b1276caf3dd5bb721a540ec014
- openwall.com: [oss-security] 20140711 Re: CVE request: XSS in PNP4Nagios mailing-list
- securityfocus.com: 68352 vdb-entry
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 5 Total
- https://github.com/lingej/pnp4nagios/commit/cb925073edeeb97eb4ce61a86cdafccc9b87f9bb x_transferred
- secunia.com: 58973 third-party-advisoryx_transferred
- https://github.com/lingej/pnp4nagios/commit/e4a19768a5c5e5b1276caf3dd5bb721a540ec014 x_transferred
- openwall.com: [oss-security] 20140711 Re: CVE request: XSS in PNP4Nagios mailing-listx_transferred
- securityfocus.com: 68352 vdb-entryx_transferred