7 matches found
SUSE CVE-2018-20724
A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...
openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-558)
This update for cacti, cacti-spine to version 1.2.11 fixes the following issues : This update is fixing multiple vulnerabilities and adding bug fixes. For more details consult the changes file. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...
openSUSE: Security Advisory for cacti, (openSUSE-SU-2020:0558-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE: Security Advisory for cacti, (openSUSE-SU-2020:0272-1)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Cacti < 1.2.0 Multiple XSS Vulnerabilities - Windows
Cacti is prone to multiple cross-site scripting vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cacti:cacti";...
CVE-2018-20724
CVE-2018-20724 is a cross-site scripting (XSS) vulnerability in Cacti before 1.2.0, caused by a lack of escaping unintended characters in the Website Hostname used by Data Collectors (pollers.php). Public documentation confirms fixes in later releases: cacti-spine updated to 1.2.9 (openSUSE/SUSE ...
CVE-2018-20724
A cross-site scripting XSS vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors...