CVE-2025-34278 – Nagios Network Analyzer < 2024R1 Source Groups / Percentile Calculator Menu Stored XSS

CVE ID : CVE-2025-34278

Published : Oct. 30, 2025, 10:15 p.m. | 1 hour, 10 minutes ago

Description : Nagios Network Analyzer versions prior to 2024R1 contain a stored cross-site scripting (XSS) vulnerability in the Source Groups page (percentile calculator menu). An attacker can supply a malicious payload which is stored by the application and later rendered in the context of other users. When a victim views the affected page the injected script executes in the victim’s browser context.

Severity: 5.1 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…