CVE-2025-29471: Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the...

Description

Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the Email field.

Classification

CVE ID: CVE-2025-29471

Affected Products

Vendor: n/a

Product: n/a

Exploit Prediction Scoring System (EPSS)

EPSS Score: 1.47% (probability of being exploited)

EPSS Percentile: 79.85% (scored less or equal to compared to others)

EPSS Date: 2025-04-21 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-29471
https://youtu.be/MvJuIkdTSQg
https://www.nagios.com/changelog/#log-server
https://www.exploit-db.com/exploits/52117

Timeline

2025-04-15 22:40:12 UTC
CVE

Cross Site Scripting vulnerability in Nagios Log Server v.2024R1.3.1 allows a remote attacker to execute arbitrary code via a payload into the...