VDB

CVE-2020-23226

CVE-2020-23226 PUBLISHED

Multiple Cross Site Scripting (XSS) vulneratiblities exist in Cacti 1.2.12 in (1) reports_admin.php, (2) data_queries.php, (3) data_input.php, (4) graph_templates.php, (5) graphs.php, (6) reports_admin.php, and (7) data_input.php.

EPSS 1.25% · 79.6th percentile

Risk Scores

EPSS Score
1.25%
79.6th percentile

Affected Products

VendorProductVersions
Ubuntu:Pro:16.04:LTScacti0.8.8f+ds1-4ubuntu4.16.04.1, 0.8.8f+ds1-4ubuntu4, 0.8.8f+ds1-4ubuntu2
Ubuntu:Pro:20.04:LTScacti0, 1.2.4+ds1-2ubuntu3, 1.2.9+ds1-1ubuntu1
Ubuntu:Pro:18.04:LTScacti*, 1.1.27+ds1-3, 1.1.28+ds1-2
Ubuntu:Pro:14.04:LTScacti*, 0.8.8b+dfsg-5ubuntu0.2+esm2, 0.8.8b+dfsg-5ubuntu0.2+esm1

Timeline

  • Aug 27, 2021 CVE Published
  • Aug 28, 2021 EPSS Score
  • Oct 25, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 18, 2022 EPSS Score
  • Apr 17, 2022 EPSS Score
  • Jun 14, 2022 EPSS Score
  • Aug 12, 2022 EPSS Score
  • Oct 9, 2022 EPSS Score
  • Feb 2, 2023 EPSS Score
  • Mar 7, 2023 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›