FreeBSD : cacti -- multiple vulnerabilities (db570002-ce06-11e7-804e-c85b763a2f96)

cacti reports : Changelog issue1057: CVE-2017-16641 - Potential vulnerability in RRDtool functions issue1066: CVE-2017-16660 in remoteagent.php logging function issue1066: CVE-2017-16661 in view log file issue1071: CVE-2017-16785 in globalsession.php Reflection XSS %NASLMINLEVEL 70300 C Tenable...

Medium: cacti

Issue Overview: include/globalsession.php in Cacti 1.1.25 has XSS related to 1 the URI or 2 the refresh page. CVE-2017-15194 Affected Packages: cacti Issue Correction: Run yum update cacti or yum update --advisory ALAS-2017-923 to update your system. New Packages: noarch: ...

CVE-2017-15194

include/globalsession.php in Cacti 1.1.25 has XSS related to 1 the URI or 2 the refresh page...

Code injection

include/globalsession.php in Cacti 1.1.25 has XSS related to 1 the URI or 2 the refresh page...

CVE-2017-15194

CVE-2017-15194 affects Cacti 1.1.25, with a Cross-Site Scripting (XSS) vulnerability in include/global_session.php related to the URI or the refresh page. Multiple security feeds (OpenVAS/Nessus entries and vendor advisories) corroborate the issue and reference the same CVE. The advisories indica...