Zurück zur CVE-Übersicht
CVE-2023-40931
MEDIUM(6.5)CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Risk Signal Score20/100 — NIEDRIG
- CVSS 6.5 — Mittel
EPSS-Score
13%
Exploit-Wahrscheinlichkeit (30 Tage)
CVSS Score
6.5
Technische Schwere
Beschreibung
A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php