CVE-2018-20726

Опубликовано: 16 янв. 2019

Источник: ubuntu

Приоритет: medium

CVSS2: 3.5

CVSS3: 5.4

Описание

A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
cosmic	ignored	end of life
devel	not-affected	1.2.16+ds1-2ubuntu1
disco	ignored	end of life
eoan	ignored	end of life
esm-apps/bionic	needed
esm-apps/focal	not-affected	1.2.10+ds1-1ubuntu1
esm-apps/jammy	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/noble	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/xenial	needed

Показывать по

Ссылки на источники

3.5 Low

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2018-20726

CVSS3: 5.4

nvd

около 7 лет назад

A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.

CVE-2018-20726

CVSS3: 5.4

debian

около 7 лет назад

A cross-site scripting (XSS) vulnerability exists in host.php (via tre ...

GHSA-39rw-hw3x-2qp8

CVSS3: 5.4

github

больше 3 лет назад

A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.

openSUSE-SU-2020:0272-1

suse-cvrf

почти 6 лет назад

Security update for cacti, cacti-spine

openSUSE-SU-2020:0558-1

suse-cvrf

почти 6 лет назад

Security update for cacti, cacti-spine

3.5 Low

CVSS2

5.4 Medium

CVSS3

CVE-2018-20726

Описание

Пакет cacti

Ссылки на источники

Связанные уязвимости