Red Hat Bugzilla – Bug 437849
CVE-2008-1360 nagios cross site scripting
Last modified: 2010-12-23 11:44:20 EST
Common Vulnerabilities and Exposures assigned an identifier CVE-2008-1360 to the following vulnerability:
Cross-site scripting (XSS) vulnerability in Nagios before 2.11 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts, a different issue than CVE-2007-5624.
Created attachment 305353 [details]
This fix is present in the upstream version 2.11.
(Extracted from SuSE nagios-2.9-48.4.src.rpm)
Reporter changed to firstname.lastname@example.org by request of Jay Turner.
HPC and EPEL4/5 have 2.12 so aren't affected by this, and Fedora has much newer versions.