AI Score
Confidence
Low
EPSS
Percentile
70.6%
SSVC
Exploitation
none
Automatable
no
Technical Impact
total
A SQL injection vulnerability in Nagios XI v5.11.1 and below allows authenticated attackers with announcement banner configuration privileges to execute arbitrary SQL commands via the ID parameter sent to the update_banner_message() function.