Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2024-54958

Nagios XI 2024R1.2.2 is susceptible to a stored Cross-Site Scripting (XSS) vulnerability in the Tools page. This flaw allows an attacker to inject malicious scripts into the Tools interface, which are then stored and executed in the context of other users accessing the page.

Published

2025-02-20T18:15:25.187

Last Modified

2025-07-01T15:02:14.003

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 6.1 (MEDIUM)

Weaknesses

Type: Secondary
CWE-79

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	nagios	nagios_xi	2024	Yes

References

https://github.com/Sharpe-nl/CVEs/tree/main/CVE-2024-54958 Third Party Advisory ([email protected])