{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-25T23:55:14.849","vulnerabilities":[{"cve":{"id":"CVE-2021-35478","sourceIdentifier":"cve@mitre.org","published":"2021-07-30T14:15:17.917","lastModified":"2026-06-17T03:57:32.613","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page."},{"lang":"es","value":"Nagios Log Server versiones anteriores a 2.1.9, contiene una vulnerabilidad de tipo XSS Reflejado en el dropdown box de la función alert history and audit log. Todos los parámetros usados para el filtrado están afectados. Esto afecta a usuarios que abren un enlace diseñado o una página web de terceros"}],"affected":[{"source":"cve@mitre.org","affectedData":[{"vendor":"n/a","product":"n/a","versions":[{"version":"n/a","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:log_server:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.9","matchCriteriaId":"D0080172-D0FB-4488-A74D-58DAC7DCFB20"}]}]}],"references":[{"url":"https://research.nccgroup.com/2021/07/22/technical-advisory-stored-and-reflected-xss-vulnerability-in-nagios-log-server-cve-2021-35478cve-2021-35479/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://research.nccgroup.com/?research=Technical%20advisories","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/downloads/nagios-log-server/change-log/","source":"cve@mitre.org","tags":["Release Notes","Vendor Advisory"]},{"url":"https://research.nccgroup.com/2021/07/22/technical-advisory-stored-and-reflected-xss-vulnerability-in-nagios-log-server-cve-2021-35478cve-2021-35479/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://research.nccgroup.com/?research=Technical%20advisories","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/downloads/nagios-log-server/change-log/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Release Notes","Vendor Advisory"]}]}}]}