UBUNTU-CVE-2017-11691

Advisory lineage Upstream: 1 Downstream: 0
Upstream
CVE-2017-11691
Published: 27 Jul 2017, 06:29
Last modified:16 Jul 2025, 08:12

Vulnerability Summary

Overall Risk (default)
low
22/100
CVSS Score
5.4 MEDIUM
3.0 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

27 Jul 2017, 06:29
Published
Vulnerability first disclosed
16 Jul 2025, 08:12
Last Modified
Vulnerability information updated

Description

Cross-site scripting (XSS) vulnerability in auth_profile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers.

CVSS Metrics

  • v3.0MEDIUMScore: 5.4CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Affected Systems

  • ubuntucacti

    < 1.1.38+ds1-1

References (4)