EIP-2026-104000
PRE-CVENagios XI - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-104000. PoCs published by anonymous.
AI-analyzed exploit summary This is a detailed technical writeup describing multiple XSS vulnerabilities in Nagios XI versions prior to 2011R1.9. It includes specific attack vectors, affected pages, and proof-of-concept payloads for both reflected and stored XSS.
Description
Nagios XI - Multiple Cross-Site Scripting / HTML Injection Vulnerabilities
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by anonymous · textremotemultiple
https://www.exploit-db.com/exploits/36455
This is a detailed technical writeup describing multiple XSS vulnerabilities in Nagios XI versions prior to 2011R1.9. It includes specific attack vectors, affected pages, and proof-of-concept payloads for both reflected and stored XSS.
Classification
Writeup 95%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target:
Nagios XI < 2011R1.9
No auth needed
Prerequisites:
Access to vulnerable Nagios XI instance
MITRE ATT&CK
devstral-2 · analyzed Feb 18, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026