CVE-2021-26024

Publication date

2021-02-03 21:28:18

Family

mitre

State

PUBLISHED

Description

The Favorites component before 1.0.2 for Nagios XI 5.8.0 is vulnerable to Insecure Direct Object Reference: it is possible to create favorites for any other user account.