CVE-2021-38156
MEDIUM NUCLEINagios XI <5.8.6 - XSS
Title source: llmDescription
In Nagios XI before 5.8.6, XSS exists in the dashboard page (/dashboards/#) when administrative users attempt to edit a dashboard.
Nuclei Templates (1)
Nagios XI < 5.8.6 - Cross-Site Scripting
MEDIUMVERIFIEDby ritikchaddha
Shodan:
http.title:"nagios xi"
FOFA:
app="nagios-xi"
Scores
CVSS v3
5.4
EPSS
0.8401
EPSS Percentile
99.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (1)
nagios/nagios_xi
< 5.8.6
Published
Sep 15, 2021
Tracked Since
Feb 18, 2026