VDB
DEBIAN-CVE-2018-20726
DEBIAN-CVE-2018-20726
PUBLISHED
CVSS 5.400000095367432 MEDIUM
A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices.
Risk Scores
CVSS 3.0
5.400000095367432
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | cacti | 0, 0, 0 |
| Debian:13 | cacti | 0, 0, 0 |
| Debian:14 | cacti | 0 |
| Debian:11 | cacti | 0, 0, 0 |
Timeline
- Jan 16, 2019 CVE Published
- May 10, 2026 CVE Updated