Lucene search
MitreCVELIST:CVE-2017-12066HistoryAug 01, 2017 - 5:00 a.m.
CVE-2017-12066
2017-08-0105:00:00
mitre
www.cve.org
Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. NOTE: this vulnerability exists because of an incomplete fix (lack of the htmlspecialchars ENT_QUOTES flag) for CVE-2017-11163.
Related
ubuntucve
ubuntucve
CVE-2017-12066
2017-08-01 00:00:00
CVE-2017-11163
2017-07-10 00:00:00
prion
prion
Cross site scripting
2017-08-01 05:29:00
Cross site scripting
2017-07-10 18:29:00
cve
cve
CVE-2017-12066
2017-08-01 05:29:00
CVE-2017-11163
2017-07-10 18:29:00
osv
osv
CVE-2017-12066
2017-08-01 05:29:00
CVE-2017-11163
2017-07-10 18:29:00
debiancve
debiancve
CVE-2017-12066
2017-08-01 05:29:00
CVE-2017-11163
2017-07-10 18:29:00
nvd
nvd
CVE-2017-12066
2017-08-01 05:29:00
CVE-2017-11163
2017-07-10 18:29:00
amazon
amazon
Important: cacti
2017-08-17 18:36:00
nessus
nessus
Amazon Linux AMI : cacti (ALAS-2017-874)
2017-08-18 00:00:00
Fedora 26 : cacti (2017-6833997d76)
2017-08-08 00:00:00
Fedora 25 : cacti (2017-127e76d78d)
2017-08-10 00:00:00
openvas
openvas
Mageia: Security Advisory (MGASA-2017-0267)
2022-01-28 00:00:00
Cacti XSS Vulnerability - Linux
2017-07-07 00:00:00
Cacti XSS Vulnerability - Windows
2017-07-07 00:00:00
cvelist
cvelist
CVE-2017-11163
2017-07-10 18:00:00
mageia
mageia
Updated cacti packages fix security vulnerabilities
2017-08-14 01:19:29
fedora
fedora
[SECURITY] Fedora 25 Update: cacti-1.1.16-1.fc25
2017-08-09 20:00:18
[SECURITY] Fedora 26 Update: cacti-1.1.16-1.fc26
2017-08-07 17:22:35