CVE-2020-25706

Опубликовано: 12 нояб. 2020

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

CVSS3: 5.4

Описание

A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field

Релиз	Статус	Примечание
bionic	ignored	end of standard support, was needed
devel	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/bionic	needed
esm-apps/focal	needed
esm-apps/jammy	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/noble	not-affected	1.2.16+ds1-2ubuntu1
esm-apps/xenial	not-affected	code not present
esm-infra-legacy/trusty	needs-triage
focal	ignored	end of standard support, was needed
groovy	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 80%

0.01458

Низкий

4.3 Medium

CVSS2

5.4 Medium

CVSS3

Связанные уязвимости

CVE-2020-25706

CVSS3: 5.4

nvd

около 5 лет назад

A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field

CVE-2020-25706

CVSS3: 5.4

debian

около 5 лет назад

A cross-site scripting (XSS) vulnerability exists in templates_import. ...

GHSA-7q49-9j54-8r38

CVSS3: 6.1

github

больше 3 лет назад

A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field

EPSS

Процентиль: 80%

0.01458

Низкий

4.3 Medium

CVSS2

5.4 Medium

CVSS3

CVE-2020-25706

Описание

Пакет cacti

Ссылки на источники

Связанные уязвимости