Launchpad CVE tracker

CVE 2014-2326

Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Related bugs and status

CVE-2014-2326 (Candidate) is related to these bugs:

Bug #1210822: Please backport cacti security fixes

		In	Importance	Status
1210822	Please backport cacti security fixes	cacti (Ubuntu)	Medium	Fix Released
1210822	Please backport cacti security fixes	cacti (Ubuntu Vivid)	Medium	Fix Released
1210822	Please backport cacti security fixes	cacti (Ubuntu Precise)	Medium	Won't Fix
1210822	Please backport cacti security fixes	cacti (Ubuntu Utopic)	Medium	Fix Released
1210822	Please backport cacti security fixes	cacti (Ubuntu Trusty)	Medium	Fix Released

Bug #1303492: Sync cacti 0.8.8b+dfsg-4 (universe) from Debian unstable (main)

Summary				In	Importance	Status
	1303492	Sync cacti 0.8.8b+dfsg-4 (universe) from Debian unstable (main)		cacti (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2014-2326

References