HTTP: Nagios Log Server Multiple Stored Cross-Site Scripting

This signature detects attempts to exploit a known cross-site scripting vulnerability against Nagios Log Server. It is due to insufficient validation of user-supplied input. Attackers can steal cookie-based authentication credentials and launch other attacks.

Extended Description

Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mishandled on the /admin/users page. Any malicious user with limited access can store an XSS payload in his Name. When any admin views this, the XSS is triggered.

Affected Products

Nagios nagios

References

CVE: CVE-2020-6586

Short Name
HTTP:XSS:NAGIOS-USRPRFILE-SXSS
Severity
Warning
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2020-6586 Cross-Site Log Multiple Nagios Scripting Server Stored
Release Date
04/07/2020
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3338
False Positive
Unknown
Vendors

Nagios

CVSS Score

3.5

Found a potential security threat?