Fluid Attacks Database

Description

Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	cacti	>=0 <1.2.13+ds1-1	1.2.13+ds1-1
debian 12	cacti	>=0 <1.2.13+ds1-1	1.2.13+ds1-1
debian 11	cacti	>=0 <1.2.13+ds1-1	1.2.13+ds1-1
debian 14	cacti	>=0 <1.2.13+ds1-1	1.2.13+ds1-1

Aliases

1. CVE-2020-232262. NVD-2020-232263. OSV-DEBIAN-2020-232264. OSV-2020-232265. SECURITY-TRACKER-CVE-2020-23226