Security Advisory

CVE-2021-47691

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-30 21:36:28
Last updated 2025-11-17 18:21:42
Assigner VulnCheck
State PUBLISHED

Description

The Core Config Manager (CCM) in Nagios XI versions prior to CCM 3.1.1 / Nagios XI 5.8.2 contains multiple cross-site scripting (XSS) vulnerabilities via the Services page affecting the config_name and service_description fields. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victims browser.