CVE-2023-40933

Published: 2023-09-19T23:15Z

Last Modified: 2024-11-21T08:20Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the update_banner_message() function. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt