CiteSeerX - Document Details (Isaac Councill, Lee Giles, Pradeep Teregowda): It is proved that the crossing number of the Generalized Petersen Graph P (3k + h; 3) is k + h if h 2 f0; 2g and k + 3 if h = 1, for each k 3, with the single exception of P (9; 3), whose crossing number is 2. The most frequent installer filenames for the program are: cactustrial-1.1.6.tar.gz and Cactus%20Trial-1.1.6.tar.gz etc. The size of the latest.
![]()
Security Advisory
This security advisory describes one low risk vulnerability.
1) Cross-site scripting
Severity:Low
CVSSv3:5.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C][PCI]
CVE-ID: N/A
CWE-ID:CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
![]()
Exploit availability: No
![]()
The vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The weakness exists in the get_current_page() function in 'lib/functions.php' due to insufficient sanitization of user-supplied data. A remote attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and script code in user's browser in context of vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change appearance of the web page, perform phishing and drive-by-download attacks.
Mitigation
Update to version 1.1.37.
Vulnerable software versions
Cacti: 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, 1.0.5, 1.0.6, 1.1.0, 1.1.1, 1.1.2, 1.1.3, 1.1.4, 1.1.5, 1.1.6, 1.1.7, 1.1.8, 1.1.9, 1.1.10, 1.1.11, 1.1.12, 1.1.13, 1.1.14, 1.1.15, 1.1.16, 1.1.17, 1.1.18, 1.1.19, 1.1.20, 1.1.21, 1.1.22, 1.1.23, 1.1.24, 1.1.25, 1.1.26, 1.1.27, 1.1.28, 1.1.29, 1.1.30, 1.1.31, 1.1.32, 1.1.33, 1.1.34, 1.1.35, 1.1.36
CPEExternal links
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
![]() Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
January 2023
Categories |