FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

cacti -- XSS exposure

Affected packages
cacti < 1.2.12

Details

VuXML ID cd864f1a-8e5a-11ea-b5b4-641c67a117d8
Discovery 2020-04-16
Entry 2020-05-04

Cacti developer reports:

Lack of escaping of color items can lead to XSS exposure.

References

CVE Name CVE-2020-7106
FreeBSD PR ports/246164
URL https://github.com/Cacti/cacti/blob/release/1.2.12/CHANGELOG
URL https://sourceforge.net/p/cacti/mailman/message/37000502/