[Pkg-cacti-maint] Bug#872478: cacti: XSS in spikekill.php via method parameter
Salvatore Bonaccorso
carnil at debian.org
Fri Aug 18 05:06:38 UTC 2017
Control: retitle -1 cacti: CVE-2017-12927: XSS in spikekill.php via method parameter
On Thu, Aug 17, 2017 at 09:17:42PM +0200, Salvatore Bonaccorso wrote:
> Source: cacti
> Version: 1.1.17+ds1-1
> Severity: important
> Tags: patch upstream security fixed-upstream
> Forwarded: https://github.com/Cacti/cacti/issues/907
>
> hi
>
> Opening the tracking bug for the XSS issue reported at
> https://github.com/Cacti/cacti/issues/907 . Upstream fix:
> https://github.com/Cacti/cacti/commit/a032ce0be6a4ea47862c594e40a619ac8de1ef99
>
> A CVE has been requested for this issue.
CVE-2017-12927 has been assigned.
Regards,
Salvatore
More information about the Pkg-cacti-maint
mailing list