Home

Description

A cross-site scripting (XSS) vulnerability exists in Nagios XI 2024R2. The vulnerability allows remote attackers to execute arbitrary JavaScript in the context of a logged-in user's session via a specially crafted URL. The issue resides in a web component responsible for rendering performance-related data.

PUBLISHED Reserved 2025-08-17 | Published 2025-08-26 | Updated 2025-08-26 | Assigner mitre

References

nagios.com

www.nagios.com/changelog/

cve.org (CVE-2025-56432)

nvd.nist.gov (CVE-2025-56432)

Download JSON