9 matches found
Medium: ganglia
Issue Overview: Cross-site scripting XSS vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the hostregex parameter to the default URI, which is processed by getcontext.php. Affected Packages: ganglia Issue Correction: Ru...
Fedora Update for ganglia FEDORA-2013-22497
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for ganglia FEDORA-2013-22444
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 20 : ganglia-3.6.0-3.fc20 (2013-22396)
Update to ganglia-web to 3.5.10 and add patch as workaround for reported security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
Fedora 19 : ganglia-3.6.0-3.fc19 (2013-22444)
Update to ganglia-web to 3.5.10 and add patch as workaround for reported security issue. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible...
CVE-2013-6395
Cross-site scripting XSS vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the hostregex parameter to the default URI, which is processed by getcontext.php...
CVE-2013-6395
CVE-2013-6395 affects Ganglia Web (header.php) via host_regex on default URI, exploitable in version 3.5.8 and 3.5.10, processed by get_context.php. OpenVAS/Nessus entries label it as a remote XSS vulnerability with a VendorFix remediation and CVSS base score 4.3 (MEDIUM). Mitigations across Open...
CVE-2013-6395
Cross-site scripting XSS vulnerability in header.php in Ganglia Web 3.5.8 and 3.5.10 allows remote attackers to inject arbitrary web script or HTML via the hostregex parameter to the default URI, which is processed by getcontext.php...
Updated ganglia-web package fixes security vulnerability
XSS issue in ganglia-web makes it possible to execute JavaScript in victims' browser after tricking the victim into opening a specially crafted URL CVE-2013-6395...