subject:"Bug#869848\: cacti\: Cross\-site scripting vulnerability in auth_profile.php"

Bug#869848: cacti: Cross-site scripting vulnerability in auth_profile.php

2017-07-26 Thread Salvatore Bonaccorso

Control: retitle -1 cacti: CVE-2017-11691: Cross-site scripting vulnerability in auth_profile.php CVE-2017-11691 has been assigned for this issue. Regards, Salvatore

Bug#869848: cacti: Cross-site scripting vulnerability in auth_profile.php

2017-07-26 Thread Salvatore Bonaccorso

Source: cacti Version: 1.1.13+ds1-1 Severity: important Tags: security patch upstream fixed-upstream Forwarded: https://github.com/Cacti/cacti/issues/867 Hi There is a XSS vulnerability in auth_profile.php which can be taken advantage from by authenticated users: Upstream issue: https://github.c