CVE-2017-10970
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2017-10970
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-10970.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2017-10970
- Related
- Published
- 2017-07-06T11:29:00Z
- Modified
- 2024-09-18T02:40:56.572053Z
- Severity
-
- 5.4 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the diehtmlinputerror function in lib/htmlvalidate.php.
- References
Affected packages
Debian:11 / cacti
Package
- Name
- cacti
- Purl
- pkg:deb/debian/cacti?arch=source
Debian:12 / cacti
Package
- Name
- cacti
- Purl
- pkg:deb/debian/cacti?arch=source
Debian:13 / cacti
Package
- Name
- cacti
- Purl
- pkg:deb/debian/cacti?arch=source