[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-16392":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":48,"name":49,"published":50,"updated":34},16392,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":34,"risk_description":35,"public_description":36,"public_recommendation":37,"recommendation":34,"references":38,"cvssv3":34,"epss_score":43,"epss_percentile":44,"cve":45,"in_cisa_catalog":47,"date":34,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"The flaw is caused by improper validation of user-supplied input passed via the expand parameter in cgi-bin/config.cgi, which allows attackers to execute arbitrary HTML and script code on the web server. Successful exploitation will allow attacker to execute arbitrary HTML and script code in a users browser session in the context of an affected site.","Nagios is prone to a cross-site scripting (XSS) vulnerability.","Update to version 3.3.1 or later.",[39,40,41,42],"http://tracker.nagios.org/view.php?id=224","http://www.securityfocus.com/archive/1/518221","http://seclists.org/fulldisclosure/2011/Jun/22","http://packetstormsecurity.org/files/view/101899/SSCHADV2011-006.txt",0.30062,0.96638,[46],"CVE-2011-2179",false,"NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.801894","Nagios \u003C 3.3.1 expand Parameter XSS Vulnerability - Active Check","2018-01-02T00:00:00Z"]