It was found that nagios is vulnerable to reflected XSS and phishing vector via corewindow. Known via: http://seclists.org/fulldisclosure/2016/Jun/20
Created nagios tracking bugs for this issue: Affects: fedora-all [bug 1377884]