8 matches found
Fedora Update for cacti FEDORA-2017-127e76d78d
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 25 : cacti (2017-127e76d78d)
Update to 1.1.16 - CVE-2017-12065 CVE-2017-12066 Release notes: https://www.cacti.net/releasenotes.php?version=1.1.16 ---- - Update to 1.1.15 Release notes: https://www.cacti.net/releasenotes.php?version=1.1.15 ---- - Update to 1.1.14 Release notes:...
Fedora 26 : cacti (2017-6833997d76)
Update to 1.1.16 - CVE-2017-12065 CVE-2017-12066 Release notes: https://www.cacti.net/releasenotes.php?version=1.1.16 ---- - Update to 1.1.15 Release notes: https://www.cacti.net/releasenotes.php?version=1.1.15 ---- - Update to 1.1.14 Release notes:...
Fedora Update for cacti FEDORA-2017-6833997d76
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cacti Multiple Vulnerabilities - Linux
Cacti is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cacti:cacti"; if description...
CVE-2017-12066
Cross-site scripting XSS vulnerability in aggregategraphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancelurl variable. NOTE: this vulnerability exists because of an incomplete fi...
CVE-2017-12066
Cross-site scripting XSS vulnerability in aggregategraphs.php in Cacti before 1.1.16 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancelurl variable. NOTE: this vulnerability exists because of an incomplete fi...
CVE-2017-12066
CVE-2017-12066 affects Cacti prior to 1.1.16: an XSS in aggregate_graphs.php allows remote authenticated users to inject script via crafted HTTP Referer headers, tied to the $cancel_url variable and incomplete fix for CVE-2017-11163 (ENT_QUOTES flag). The issue is resolved in 1.1.16; remediation ...