CVE-2017-11691

Опубликовано: 27 июл. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 3.5

CVSS3: 5.4

Описание

Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	1.1.38+ds1-1
cosmic	not-affected	1.1.38+ds1-1
devel	not-affected	1.1.38+ds1-1
esm-apps/bionic	not-affected	1.1.38+ds1-1
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	not-affected	code not present
precise/esm	DNE
trusty	not-affected	code not present
trusty/esm	not-affected	code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 66%

0.00506

Низкий

3.5 Low

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2017-11691

CVSS3: 5.4

nvd

больше 8 лет назад

Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

CVE-2017-11691

CVSS3: 5.4

debian

больше 8 лет назад

Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti ...

GHSA-m35f-jj5j-87x6

CVSS3: 5.4

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

openSUSE-SU-2017:2087-1

suse-cvrf

больше 8 лет назад

Security update for cacti, cacti-spine

EPSS

Процентиль: 66%

0.00506

Низкий

3.5 Low

CVSS2

5.4 Medium

CVSS3

CVE-2017-11691

Описание

Пакет cacti

Ссылки на источники

Связанные уязвимости