cacti -- Multiple XSS and SQL injection vulnerabilities

2015-06-09T00:00:00
ID A3929112-181B-11E5-A1CF-002590263BF5
Type freebsd
Reporter FreeBSD
Modified 2015-06-09T00:00:00

Description

The Cacti Group, Inc. reports:

Important Security Fixes

Multiple XSS and SQL injection vulnerabilities

Changelog

bug: Fixed SQL injection VN: JVN#78187936 / TN:JPCERT#98968540 bug#0002542: [FG-VD-15-017] Cacti Cross-Site Scripting Vulnerability Notification bug#0002571: SQL Injection and Location header injection from cdef id CVE-2015-4342 bug#0002572: SQL injection in graph template