Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-4149-1 | nagvis security update |
EUVD |
EUVD-2024-51735 | The "NagVis" component within Checkmk is vulnerable to reflected cross-site scripting. An attacker can craft a malicious link that will execute arbitrary JavaScript in the context of the browser once clicked. The attack can be performed on both authenticated and unauthenticated users. |
Mon, 03 Nov 2025 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 15 Jul 2025 13:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
epss
|
epss
|
Thu, 06 Feb 2025 15:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Wed, 05 Feb 2025 01:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Tue, 04 Feb 2025 22:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The "NagVis" component within Checkmk is vulnerable to reflected cross-site scripting. An attacker can craft a malicious link that will execute arbitrary JavaScript in the context of the browser once clicked. The attack can be performed on both authenticated and unauthenticated users. | |
| Title | Checkmk NagVis Reflected Cross-site Scripting | |
| Weaknesses | CWE-79 | |
| References |
|
Subscriptions
No data.
Status: PUBLISHED
Assigner: KoreLogic
Published:
Updated: 2025-11-03T19:29:15.962Z
Reserved: 2025-01-24T18:22:32.696Z
Link: CVE-2024-13722
Updated: 2025-11-03T19:29:15.962Z
Status : Deferred
Published: 2025-02-04T22:15:40.113
Modified: 2026-06-17T07:02:36.603
Link: CVE-2024-13722
No data.
OpenCVE Enrichment
No data.
Debian DLA
EUVD