[Git][security-tracker-team/security-tracker][master] CVE-2018-10059/cacti: precision
Sylvain Beucler (@beuc)
beuc at debian.org
Mon Mar 28 11:07:35 BST 2022
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4cd6e253 by Sylvain Beucler at 2022-03-28T12:07:14+02:00
CVE-2018-10059/cacti: precision
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -253149,6 +253149,7 @@ CVE-2018-10059 (Cacti before 1.1.37 has XSS because the get_current_page functio
[wheezy] - cacti <not-affected> (Issue introduced later)
NOTE: https://github.com/Cacti/cacti/issues/1457
NOTE: get_current_page was added in the 1.x series
+ NOTE: PHP_SELF/SCRIPT_NAME inconsistency protection in global/include.php in v<1.1.4
CVE-2018-10058 (The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 a ...)
- cgminer <unfixed> (bug #900929)
[stretch] - cgminer <no-dsa> (Minor issue)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4cd6e2534049b6b748ac5f8ef01ada00bb3796bd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4cd6e2534049b6b748ac5f8ef01ada00bb3796bd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220328/af182dd6/attachment.htm>
More information about the debian-security-tracker-commits
mailing list