CVE-2020-25706: A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field Please stabilize when ready.
x86 stable
amd64 stable
sparc stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=46478d39248628c5ba118839a7e051f519408792 commit 46478d39248628c5ba118839a7e051f519408792 Author: Sam James <sam@gentoo.org> AuthorDate: 2020-12-29 06:44:24 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2020-12-29 06:44:24 +0000 net-analyzer/cacti: security cleanup Bug: https://bugs.gentoo.org/760705 Package-Manager: Portage-3.0.12-prefix, Repoman-3.0.2 Signed-off-by: Sam James <sam@gentoo.org> net-analyzer/cacti/Manifest | 1 - net-analyzer/cacti/cacti-1.2.13.ebuild | 48 ---------------------------------- 2 files changed, 49 deletions(-)