[Bug 1054742] VUL-0: CVE-2017-12978: cacti: lib/html.php in Cacti before 1.1.18 has XSS via the title field of anexternal link added by an authenticated user.

http://bugzilla.suse.com/show_bug.cgi?id=1054742 http://bugzilla.suse.com/show_bug.cgi?id=1054742#c6 --- Comment #6 from Swamp Workflow Management <swamp@suse.de> --- openSUSE-OU-2018:2194-1: An update that fixes 33 vulnerabilities is now available. Category: optional (low) Bug References: 022564,1047512,1048102,1050950,1051633,1054390,1054742,1067163,1067164,1067166,1068028,1101024,1101139,837440,862993,867607,870821,872008,934187,937997,958863,958977,960678,965930,971357,974013 CVE References: CVE-2006-6799,CVE-2007-3112,CVE-2007-3113,CVE-2013-5588,CVE-2013-5589,CVE-2014-2326,CVE-2014-2327,CVE-2014-2328,CVE-2014-2708,CVE-2014-2709,CVE-2014-4000,CVE-2014-4002,CVE-2014-5025,CVE-2014-5026,CVE-2015-4342,CVE-2015-4634,CVE-2015-8369,CVE-2015-8377,CVE-2015-8604,CVE-2016-2313,CVE-2016-3172,CVE-2016-3659,CVE-2017-10970,CVE-2017-11163,CVE-2017-11691,CVE-2017-12065,CVE-2017-12927,CVE-2017-12978,CVE-2017-15194,CVE-2017-16641,CVE-2017-16660,CVE-2017-16661,CVE-2017-16785 Sources used: SUSE Package Hub for SUSE Linux Enterprise 12 (src): cacti-1.1.38-2.1 -- You are receiving this mail because: You are on the CC list for the bug.