OPENSUSE-SU-2021:1208-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2020-14424

Published: 28 Aug 2021, 22:07

Last modified:04 Feb 2026, 04:28

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

28 Aug 2021, 22:07

Published

Vulnerability first disclosed

04 Feb 2026, 04:28

Last Modified

Vulnerability information updated

Description

Security update for cacti, cacti-spine This update for cacti, cacti-spine fixes the following issues: cacti-spine 1.2.18: * Fix missing time parameter on FROM_UNIXTIME function cacti 1.2.18: * CVE-2020-14424: Lack of escaping on template import can lead to XSS exposure under 'midwinter' theme (boo#1188188) * Real time graphs can expose XSS issue This update was imported from the openSUSE:Leap:15.2:Update update project.

Affected Systems

suse•cacti-spine&distro=SUSE Package Hub 15 SP2
< 1.2.18-bp152.2.10.1
suse•cacti&distro=SUSE Package Hub 15 SP2
< 1.2.18-bp152.2.13.1

OPENSUSE-SU-2021:1208-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (3)