XSS Vulnerability in NCPA 2.4.0

Question

XSS Vulnerability in NCPA 2.4.0

aaronjcolclough opened this issue 3 months ago · 1 comments

Who can i talk to about a cross-site scripting vulnerability I've discovered in NCPA 2.4.0? Is there an email address i can send information to?

Answer 1 · 2024-09-06T18:33:52.000Z

Hello @aaronjcolclough,

You can send this vulnerability to security@nagios.com. Note that there have been a number of security updates and fixes since NCPA 2.4.0 and this may not exist on more recent versions of NCPA. If this vulnerability still exists on 2.4.1, then we will put out a fix.