Lucene search

K

PRIOn knowledge basePRION:CVE-2010-2543

HistoryAug 23, 2010 - 10:00 p.m.

Cross site scripting

2010-08-2322:00:00

PRIOn knowledge base

www.prio-n.com

4

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

67.4%

Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allows remote attackers to inject arbitrary web script or HTML via the graph_start parameter to graph.php. NOTE: this vulnerability exists because of an incorrect fix for CVE-2009-4032.2.b.

CPENameOperatorVersion
cactieq0.5
cactieq0.8.6107
cactieq0.8.6100
cactieq0.6.3
cactieq<= 0.8.7f
cactieq0.8.7
cactieq0.8.597
cactieq0.8.3
cactieq0.6.8
cactieq0.8.2

Rows per page:

1-10 of 381

References

cacti.net/release_notes_0_8_7g.php

svn.cacti.net/viewvc/cacti/branches/0.8.7/include/top_graph_header.php?r1=6025&r2=6024

svn.cacti.net/viewvc?view=rev&revision=6025

www.mandriva.com/security/advisories?name=MDVSA-2010:160

bugzilla.redhat.com/show_bug.cgi?id=541279

marc.info/?l=oss-security&m=127978954522586&w=2

marc.info/?l=oss-security&m=128017203704299&w=2

5.8 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

67.4%

Related for PRION:CVE-2010-2543

cve2 ubuntucve2 debiancve2 nessus7 fedora2 openvas19 jvn1 securityvulns4 exploitpack1 seebug2 freebsd1 packetstorm1 prion1 veracode1 exploitdb1 osv1 debian3 gentoo1