Upstream information
Description
Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme.SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
SUSE Bugzilla entry: 1188188 [RESOLVED / FIXED] SUSE Security Advisories:- openSUSE-SU-2021:1190-1, published Wed Aug 25 21:41:18 2021
- openSUSE-SU-2021:1208-1, published Sun Aug 29 03:40:38 2021
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
SUSE Package Hub 12 |
| Patchnames: openSUSE-2021-1190 |
SUSE Package Hub 15 SP2 |
| Patchnames: openSUSE-2021-1208 |
SUSE Package Hub 15 SP3 |
| Patchnames: openSUSE-2021-1190 |
openSUSE Leap 15.2 |
| Patchnames: openSUSE-2021-1190 |
openSUSE Leap 15.3 |
| Patchnames: openSUSE-2021-1190 |
openSUSE Tumbleweed |
| Patchnames: openSUSE Tumbleweed GA cacti-1.2.18-1.2 |