Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
1 contributor

Users who have contributed to this file

11 lines (5 sloc) 432 Bytes

reflectedxss_nagios_2.0.7

Reflected XSS on NAGIOS

We are used to testing applications with means to strengthen their information security maturity. This time Nagios Log Server was the chosen one.

During a battery of tests regarding the Login field on the username input, Lucas Carmo and I(Luca Ottoni) have discovered a Reflected XSS with the payload as follows:

"><script></script><script>alert(document.domain)</script>

You can’t perform that action at this time.