CVE-2020-14424

Опубликовано: 14 нояб. 2021

Источник: debian

EPSS Низкий

Описание

Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme.

Пакет	Статус	Версия исправления	Релиз	Тип
cacti	fixed	1.2.19+ds1-1		package
cacti	not-affected		bullseye	package
cacti	not-affected		buster	package
cacti	not-affected		stretch	package

https://github.com/Cacti/cacti/pull/4261
https://github.com/Cacti/cacti/commit/d12800ab479ad95a091bc577f28fd99ec95eb64c (release/1.2.18)

EPSS

Процентиль: 59%

0.00388

Низкий

CVE-2020-14424

CVSS3: 6.1

ubuntu

около 4 лет назад

Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme.

CVE-2020-14424

CVSS3: 6.1

nvd

около 4 лет назад

Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme.

openSUSE-SU-2021:1190-1

suse-cvrf

больше 4 лет назад

Security update for cacti, cacti-spine

GHSA-5gvx-jvhg-chfx

github

больше 3 лет назад

Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme.

EPSS

Процентиль: 59%

0.00388

Низкий