CVE-2018-20724

Опубликовано: 16 янв. 2019

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 3.5

CVSS3: 4.8

Описание

A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
cosmic	ignored	end of life
devel	not-affected	1.2.16+ds1-2ubuntu1
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/bionic	needed
esm-apps/focal	not-affected	1.2.10+ds1-1ubuntu1
esm-apps/jammy	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/noble	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/xenial	not-affected	code not present

Показывать по

Ссылки на источники

EPSS

Процентиль: 68%

0.00583

Низкий

3.5 Low

CVSS2

4.8 Medium

CVSS3

Связанные уязвимости

CVE-2018-20724

CVSS3: 4.8

nvd

около 7 лет назад

A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.

CVE-2018-20724

CVSS3: 4.8

debian

около 7 лет назад

A cross-site scripting (XSS) vulnerability exists in pollers.php in Ca ...

GHSA-cqqq-p7hm-4wmf

CVSS3: 4.8

github

больше 3 лет назад

A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors.

openSUSE-SU-2020:0272-1

suse-cvrf

почти 6 лет назад

Security update for cacti, cacti-spine

openSUSE-SU-2020:0558-1

suse-cvrf

почти 6 лет назад

Security update for cacti, cacti-spine

EPSS

Процентиль: 68%

0.00583

Низкий

3.5 Low

CVSS2

4.8 Medium

CVSS3

CVE-2018-20724

Описание

Пакет cacti

Ссылки на источники

Связанные уязвимости