CVE-2010-2544 Information
Description
Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g as used in Red Hat High Performance Computing (HPC) Solution and other products allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
Reference
http://cacti.net/release_notes_0_8_7g.php http://marc.info/?l=oss-security&m=127978954522586&w=2 http://marc.info/?l=oss-security&m=128017203704299&w=2 http://secunia.com/advisories/41041 http://svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025&r2=6024&pathrev=6025 http://svn.cacti.net/viewvc?view=rev&revision=6025 http://www.mandriva.com/security/advisories?name=MDVSA-2010:160 http://www.securityfocus.com/bid/42575 http://www.vupen.com/english/advisories/2010/2132 https://bugzilla.redhat.com/show_bug.cgi?id=459105 https://exchange.xforce.ibmcloud.com/vulnerabilities/61226 https://rhn.redhat.com/errata/RHSA-2010-0635.html
Share on: