Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 18 Aug 2017 23:04:37 +0200
From: Salvatore Bonaccorso <carnil@...ian.org>
To: OSS Security Mailinglist <oss-security@...ts.openwall.com>
Subject: cacti: CVE-2017-12927: XSS vulnerability in spikekill.php via method
 parameter

Hi

MITRE has assigned CVE-2017-12927 for the following cross-site
scripting vulnerablity in cacti in spikekill.php via the method
parameter:

https://github.com/Cacti/cacti/issues/907

with upstream fix in

https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99

Regards,
Salvatore

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ