CVE-2018-10061

Опубликовано: 12 апр. 2018

Источник: ubuntu

Приоритет: medium

CVSS2: 3.5

CVSS3: 5.4

Описание

Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).

Релиз	Статус	Примечание
artful	ignored	end of life
bionic	not-affected	1.1.38+ds1-1
cosmic	ignored	end of life
devel	not-affected	1.1.38+ds1-1
disco	not-affected	1.1.38+ds1-1
eoan	not-affected	1.1.38+ds1-1
esm-apps/bionic	not-affected	1.1.38+ds1-1
esm-apps/focal	not-affected	1.1.38+ds1-1
esm-apps/jammy	not-affected	1.1.38+ds1-1
esm-apps/noble	not-affected	1.1.38+ds1-1

Показывать по

Ссылки на источники

3.5 Low

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2018-10061

CVSS3: 5.4

nvd

почти 8 лет назад

Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).

CVE-2018-10061

CVSS3: 5.4

debian

почти 8 лет назад

Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars ...

GHSA-gj65-6229-2cwr

CVSS3: 5.4

github

больше 3 лет назад

Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).

3.5 Low

CVSS2

5.4 Medium

CVSS3

CVE-2018-10061

Описание

Пакет cacti

Ссылки на источники

Связанные уязвимости