Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 816700f8 by Salvatore Bonaccorso at 2018-04-12T20:27:55+02:00 Add three new cacti CVEs - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== --- a/data/CVE/list +++ b/data/CVE/list @@ -1,3 +1,12 @@ +CVE-2018-10061 [XSS because making certain htmlspecialchars calls without the ENT_QUOTES flag] + - cacti 1.1.37+ds1-1 + NOTE: https://github.com/Cacti/cacti/issues/1457 +CVE-2018-10060 [XSS related issue to use of the sanitize_uri function in lib/functions.php] + - cacti 1.1.37+ds1-1 + NOTE: https://github.com/Cacti/cacti/issues/1457 +CVE-2018-10059 [XSS related issue in get_current_page] + - cacti 1.1.37+ds1-1 + NOTE: https://github.com/Cacti/cacti/issues/1457 CVE-2018-10058 RESERVED CVE-2018-10057 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/816700f87beddb305195b9dbff1d0ce3b9047b9c --- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/816700f87beddb305195b9dbff1d0ce3b9047b9c You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ Secure-testing-commits mailing list Secure-testing-commits@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits