VYPR
← All advisories
Unrated severityNVD Advisory· Published Oct 30, 2025· Updated Nov 17, 2025

Nagios XI < 2024R1.1.3 XSS via Executive Summary Report

CVE-2024-14001

Description

Nagios XI versions prior to 2024R1.1.3 are vulnerable to cross-site scripting (XSS) via the Executive Summary Report component. Insufficient validation or escaping of user-supplied input may allow an attacker to inject and execute arbitrary script in the context of a victim's browser.

Affected products

2
  • Nagios/XIllm-fuzzy
    Range: < 2024R1.1.3
  • Nagios/XIv5
    Range: 0

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

3

News mentions

0

No linked articles in our index yet.