>> Nagios Unspecified Data Handling Cross Site Scripting Vulnerability
Title : Nagios Unspecified Data Handling Cross Site Scripting Vulnerability VUPEN ID : VUPEN/ADV-2008-0900 CVE ID : CVE-2008-1360
Rated as : Low Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2008-03-17
Technical Description
A vulnerability has been identified in Nagios, which could be exploited by attackers to execute arbitrary scripting code. This issue is caused by unspecified input validation errors when processing user-supplied data, which could be exploited by attackers to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected Web site.
