Oval Definition:oval:org.opensuse.security:def:20144002
Revision Date:2022-06-30Version:1
Title:CVE-2014-4002
Description:

Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote attackers to inject arbitrary web script or HTML via the (1) drp_action parameter to cdef.php, (2) data_input.php, (3) data_queries.php, (4) data_sources.php, (5) data_templates.php, (6) graph_templates.php, (7) graphs.php, (8) host.php, or (9) host_templates.php or the (10) graph_template_input_id or (11) graph_template_id parameter to graph_templates_inputs.php.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2014-4002
Mitre CVE-2014-4002
SUSE CVE-2014-4002
openSUSE-SU-2015:0479-1
openSUSE-SU-2015:0479-1
Platform(s):openSUSE 13.1
openSUSE 13.2
openSUSE Tumbleweed
SUSE Linux Enterprise High Performance Computing 12
SUSE Linux Enterprise Server 12
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Package Hub for SUSE Linux Enterprise 12
Product(s):
Definition Synopsis
  • openSUSE 13.1 is installed
  • AND cacti-0.8.8c-8.1 is installed
  • Definition Synopsis
  • openSUSE 13.2 is installed
  • AND cacti-0.8.8c-4.4.1 is installed
  • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • cacti-1.1.38-2 is installed
  • OR cacti-doc-1.1.38-2 is installed
  • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • cacti-0.8.8h-1.2 is installed
  • OR cacti-doc-0.8.8h-1.2 is installed
  • Definition Synopsis
  • SUSE Package Hub for SUSE Linux Enterprise 12 is installed
  • AND Package Information
  • cacti-1.1.38-2.1 is installed
  • OR cacti-doc-1.1.38-2.1 is installed
  • BACK