CVE-2018-20725

Опубликовано: 16 янв. 2019

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 3.5

CVSS3: 4.8

Описание

A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
cosmic	ignored	end of life
devel	not-affected	1.2.16+ds1-2ubuntu1
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/bionic	needed
esm-apps/focal	not-affected	1.2.10+ds1-1ubuntu1
esm-apps/jammy	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/noble	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/xenial	needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 65%

0.00496

Низкий

3.5 Low

CVSS2

4.8 Medium

CVSS3

Связанные уязвимости

CVE-2018-20725

CVSS3: 4.8

nvd

около 7 лет назад

A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.

CVE-2018-20725

CVSS3: 4.8

debian

около 7 лет назад

A cross-site scripting (XSS) vulnerability exists in graph_templates.p ...

GHSA-rpc3-5pr4-95g6

CVSS3: 4.8

github

больше 3 лет назад

A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label.

openSUSE-SU-2020:0272-1

suse-cvrf

почти 6 лет назад

Security update for cacti, cacti-spine

openSUSE-SU-2020:0558-1

suse-cvrf

почти 6 лет назад

Security update for cacti, cacti-spine

EPSS

Процентиль: 65%

0.00496

Низкий

3.5 Low

CVSS2

4.8 Medium

CVSS3

CVE-2018-20725

Описание

Пакет cacti

Ссылки на источники

Связанные уязвимости