Arbitrary Web Script Injection in Nagios Business Process Intelligence (BPI) before 2.3.4

Arbitrary Web Script Injection in Nagios Business Process Intelligence (BPI) before 2.3.4

CVE-2015-3618 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in Nagios Business Process Intelligence (BPI) before 2.3.4 allows remote attackers to inject arbitrary web script or HTML via vectors involving index.php.

Learn more about our Cis Benchmark Audit For Apple Ios.