Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-10970

Опубликовано: 06 июл. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3
CVSS3: 5.4

Описание

Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php.

РелизСтатусПримечание
artful

not-affected

1.1.12+ds1-1
bionic

not-affected

1.1.12+ds1-1
cosmic

not-affected

1.1.12+ds1-1
devel

not-affected

1.1.12+ds1-1
esm-apps/bionic

not-affected

1.1.12+ds1-1
esm-apps/xenial

not-affected

code not present
esm-infra-legacy/trusty

not-affected

code not present
precise/esm

DNE

trusty

not-affected

code not present
trusty/esm

not-affected

code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 45%
0.00223
Низкий

4.3 Medium

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

nvd логотип

CVE-2017-10970

CVSS3: 5.4
nvd
больше 8 лет назад

Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php.

debian логотип

CVE-2017-10970

CVSS3: 5.4
debian
больше 8 лет назад

Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 a ...

github логотип

GHSA-fg3c-pj38-fxr2

CVSS3: 5.4
github
больше 3 лет назад

Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php.

suse-cvrf логотип

openSUSE-SU-2017:2087-1

suse-cvrf
больше 8 лет назад

Security update for cacti, cacti-spine

EPSS

Процентиль: 45%
0.00223
Низкий

4.3 Medium

CVSS2

5.4 Medium

CVSS3