Описание
In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| cosmic | ignored | end of life |
| devel | not-affected | 1.2.2+ds1-2 |
| disco | not-affected | 1.2.2+ds1-2 |
| eoan | not-affected | 1.2.2+ds1-2 |
| esm-apps/bionic | needed | |
| esm-apps/focal | not-affected | 1.2.2+ds1-2 |
| esm-apps/jammy | not-affected | 1.2.2+ds1-2 |
| esm-apps/noble | not-affected | 1.2.2+ds1-2 |
| esm-apps/xenial | needed |
Показывать по
EPSS
3.5 Low
CVSS2
5.4 Medium
CVSS3
Связанные уязвимости
In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.
In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping o ...
In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.
EPSS
3.5 Low
CVSS2
5.4 Medium
CVSS3