https://vulnerability.circl.lu/sightings/feed 2026-05-05T16:32:23.974988+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/50f26d79-8336-4cbd-9841-8cdd57c75a39/export 2026-05-05T16:32:24.304707+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "50f26d79-8336-4cbd-9841-8cdd57c75a39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-37223", "type": "seen", "source": "https://t.me/cibsecurity/29962", "content": "\u203c CVE-2021-37223 \u203c\n\nNagios Enterprises NagiosXI <= 5.8.4 contains a Server-Side Request Forgery (SSRF) vulnerability in schedulereport.php. Any authenticated user can create scheduled reports containing PDF screenshots of any view in the NagiosXI application. Due to lack of input sanitisation, the target page can be replaced with an SSRF payload to access internal resources or disclose local system files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-05T16:30:32.000000Z"} 2021-10-05T16:30:32+00:00