7 matches found
Amazon Linux AMI : cacti (ALAS-2017-904)
A cross-site scripting vulnerability exists in Cacti in the method parameter in spikekill.php. CVE-2017-12927 The lib/html.php script in Cacti has a XSS vulnerability via the title field of an external link added by an authenticated user. CVE-2017-12978 C Tenable Network Security, Inc. The...
Medium: cacti
Issue Overview: A cross-site scripting vulnerability exists in Cacti in the method parameter in spikekill.php. CVE-2017-12927 The lib/html.php script in Cacti has a XSS vulnerability via the title field of an external link added by an authenticated user. CVE-2017-12978 Affected Packages: cacti...
openSUSE Security Update : cacti / cacti-spine (openSUSE-2017-999)
This update for cacti and cacti-spine fixes security issues and bugs. The following vulnerabilities were fixed : - CVE-2017-12927: Cross-site scripting vulnerability in methodparameter bsc1054390 - CVE-2017-12978:Cross-site scripting vulnerability via the title field bsc1054742 It also contains a...
Fedora Update for cacti FEDORA-2017-2f1ca6beb7
The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cacti spikekill.php Cross-Site Scripting (CVE-2017-12927)
A reflected cross-site scripting vulnerability exists in Cacti. This vulnerability is due to improper validation of user supplied input within the web user interface when accessing the spikekill.php page...
CVE-2017-12927
A cross-site scripting vulnerability exists in Cacti 1.1.17 in the method parameter in spikekill.php...
CVE-2017-12927
CVE-2017-12927 is an XSS vulnerability in Cacti, exposed via spikekill.php in Cacti 1.1.17. Upgrading to the patched release (e.g., 1.1.19) is recommended; advisories from openSUSE, Fedora, and Amazon Linux reference this CVE and the fix as part of their updates. The connected documents do not pr...