Nagios XI v5.8.6 was discovered to contain a SQL injection vulnerability via the mib_name parameter at the Manage MIBs page. https://www.nagios.com/downloads/nagios-xi/change-log/#5.8.7
Created nagios tracking bugs for this issue: Affects: epel-all [bug 2135654] Affects: fedora-all [bug 2135653]
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-38250