Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Deutsche Telekom CERT Advisory [DTC-A-20140324-001] vulnerabilities in cacti
Mar 24 2014 03:41PM
CERT telekom de
Deutsche Telekom CERT Advisory [DTC-A-20140324-001]
Three vulnerabilities were found in cacti version 0.8.7g.
The vulnerabilities are:
1) Stored Cross-Site Scripting (XSS) (via URL)
2) Missing CSRF (Cross-Site Request Forgery) token allows execution of arbitrary commands
3) The use of...
[ more ]
Copyright 2010, SecurityFocus