Yesterday I found NagiosXI (5.6.11) is vulnerable to multiple (postauth) XSS bugs. Today I decided to continue the research to find out if I will find some other bug(s) Below you will find the details of the latest Nagios XSS bug. The bug was discovered in the Nagios-Database and/or dump it all to the Kali VM on VirtualBox again. The working poc will be disclosed only to patron/donate users.”]
Source: https://code610.blogspot.com/2020/03/postauth-sqli-in-latest-nagiosxi-5611.html