CVE-2010-1644 Information

Feb 14, 2021 cve

Description

Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f as used in Red Hat High Performance Computing (HPC) Solution and other products allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php or (3) the host_id parameter to data_sources.php.

Reference

http://secunia.com/advisories/41041 http://svn.cacti.net/viewvc?view=rev&revision=5901 http://www.cacti.net/release_notes_0_8_7f.php http://www.mandriva.com/security/advisories?name=MDVSA-2010:160 http://www.securityfocus.com/archive/1/511393 http://www.securityfocus.com/bid/40332 http://www.vupen.com/english/advisories/2010/1203 http://www.vupen.com/english/advisories/2010/2132 https://bugzilla.redhat.com/show_bug.cgi?id=609093 https://rhn.redhat.com/errata/RHSA-2010-0635.html

Share on: