CVE-2015-2665

CVSS v2.0 4.3 (Medium)

EPSS 0.30 % (70^th)

Affected Products 2

Advisories 5

Cross-site scripting (XSS) vulnerability in Cacti before 0.8.8d allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Weaknesses

CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2015-06-17 18:59:01
(9 years ago)
Updated Date: 2017-11-04 01:29:03
(6 years ago)

Affected Products

Cacti

Cacti

Fedoraproject

Fedora

Configuration #1

		CPE23	From	Up To
	Cacti 0.8.8c and prior versions	cpe:2.3:a:cacti:cacti		<= 0.8.8c

Configuration #2

		CPE23	From	Up To
	Fedoraproject Fedora 22	cpe:2.3:o:fedoraproject:fedora:22
	Fedoraproject Fedora 23	cpe:2.3:o:fedoraproject:fedora:23
	Fedoraproject Fedora 24	cpe:2.3:o:fedoraproject:fedora:24