CVE-2014-5025

EPSS 0.45%

cacti - security update

發布日:2014/10/20修改日:2026/5/27

也稱為:DEBIAN-CVE-2014-5025

描述

Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit action.

受影響套件(3)

Debian/cactifrom 0, < 0.8.8b+dfsg-7
Debian/cactifrom 0, < 0.8.7g-1+squeeze5
Debian/cactifrom 0, < 0.8.8a+dfsg-5+deb7u4

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2014-5025