{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-15T14:26:33.073","vulnerabilities":[{"cve":{"id":"CVE-2021-35479","sourceIdentifier":"cve@mitre.org","published":"2021-07-30T14:15:17.943","lastModified":"2024-11-21T06:12:21.313","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page."},{"lang":"es","value":"Nagios Log Server versiones anteriores a 2.1.9 contiene una vulnerabilidad de tipo XSS almacenado en la visualización de columna personalizada para la función alert history and audit log a través del parámetro affected pp. Esto afecta a usuarios que abren un enlace diseñado o una página web de terceros"}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N","baseScore":5.4,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"LOW","integrityImpact":"LOW","availabilityImpact":"NONE"},"exploitabilityScore":2.3,"impactScore":2.7}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:N/I:P/A:N","baseScore":3.5,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":6.8,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:nagios:log_server:*:*:*:*:*:*:*:*","versionEndExcluding":"2.1.9","matchCriteriaId":"D0080172-D0FB-4488-A74D-58DAC7DCFB20"}]}]}],"references":[{"url":"https://research.nccgroup.com/2021/07/22/technical-advisory-stored-and-reflected-xss-vulnerability-in-nagios-log-server-cve-2021-35478cve-2021-35479/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory"]},{"url":"https://research.nccgroup.com/?research=Technical%20advisories","source":"cve@mitre.org","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/downloads/nagios-log-server/change-log/","source":"cve@mitre.org","tags":["Vendor Advisory"]},{"url":"https://research.nccgroup.com/2021/07/22/technical-advisory-stored-and-reflected-xss-vulnerability-in-nagios-log-server-cve-2021-35478cve-2021-35479/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]},{"url":"https://research.nccgroup.com/?research=Technical%20advisories","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]},{"url":"https://www.nagios.com/downloads/nagios-log-server/change-log/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}