Fabian Ullrich In June 2020 we reported three vulnerabilities in Nagios XI 5.7.1 to the vendor. The following CVE IDs were assigned to the issues :  CVE-2020-15901: Command Injection in Nagios XI web interface (RCE)  CVE-2020-15902: Cross Site Scripting (XSS)  CVE-2020-15903: Reserved, details will be given on vendor fix CVE-2020-15901 and CVE-2020-15902 have meanwhile been … Continue reading Security Advisories for Nagios XI