Vulnerability CVE-2023-40931

Vulnerability CVE-2023-40931

Published: 2023-09-19 Modified: 2023-09-20

Description:

A SQL injection vulnerability in Nagios XI from version 5.11.0 up to and including 5.11.1 allows authenticated attackers to execute arbitrary SQL commands via the ID parameter in the POST request to /nagiosxi/admin/banner_message-ajaxhelper.php

References:

https://outpost24.com/blog/nagios-xi-vulnerabilities/

http://nagios.com

https://www.nagios.com/products/security/

Copyright 2026, cxsecurity.com