CVE-2021-47697: 
Nagios XI vulnerability analysis and mitigation

CVE-2021-47697 affects Nagios XI versions prior to 5.8.0. The vulnerability was discovered in the Views feature URL handling functionality of the application (VulnCheck Advisories).

This is a cross-site scripting (XSS) vulnerability categorized as CWE-79 (Improper Neutralization of Input During Web Page Generation). The vulnerability has a CVSS score of 5.1 and stems from insufficient validation or escaping of user-supplied input in the Views feature URL handling. The CVSS V4 Vector is CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N (VulnCheck Advisories).

The vulnerability allows an attacker to inject and execute arbitrary script in the context of a victim's browser. This could potentially lead to theft of sensitive information, session hijacking, or other malicious actions performed in the context of the authenticated user's session (VulnCheck Advisories).

The vulnerability has been fixed in Nagios XI version 5.8.0. Users should upgrade to this version or later to mitigate the risk. No alternative workarounds have been publicly documented (VulnCheck Advisories).