Unrated severityNVD Advisory· Published Nov 14, 2021· Updated Aug 4, 2024
CVE-2020-14424
CVE-2020-14424
Description
Cacti before 1.2.18 allows remote attackers to trigger XSS via template import for the midwinter theme.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13- Cacti/Cactidescription
- Range: <1.2.18
- osv-coords11 versionspkg:rpm/opensuse/cacti&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/cacti&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/cacti&distro=openSUSE%20Tumbleweedpkg:rpm/opensuse/cacti-spine&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/cacti-spine&distro=openSUSE%20Leap%2015.3pkg:rpm/suse/cacti&distro=SUSE%20Package%20Hub%2012pkg:rpm/suse/cacti&distro=SUSE%20Package%20Hub%2015%20SP2pkg:rpm/suse/cacti&distro=SUSE%20Package%20Hub%2015%20SP3pkg:rpm/suse/cacti-spine&distro=SUSE%20Package%20Hub%2012pkg:rpm/suse/cacti-spine&distro=SUSE%20Package%20Hub%2015%20SP2pkg:rpm/suse/cacti-spine&distro=SUSE%20Package%20Hub%2015%20SP3
< 1.2.18-bp153.2.3.1+ 10 more
- (no CPE)range: < 1.2.18-bp153.2.3.1
- (no CPE)range: < 1.2.18-bp153.2.3.1
- (no CPE)range: < 1.2.18-1.2
- (no CPE)range: < 1.2.18-bp153.2.3.1
- (no CPE)range: < 1.2.18-bp153.2.3.1
- (no CPE)range: < 1.2.18-bp153.2.3.1
- (no CPE)range: < 1.2.18-bp152.2.13.1
- (no CPE)range: < 1.2.18-bp153.2.3.1
- (no CPE)range: < 1.2.18-bp153.2.3.1
- (no CPE)range: < 1.2.18-bp152.2.10.1
- (no CPE)range: < 1.2.18-bp153.2.3.1
Patches
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- github.com/Cacti/cacti/pull/4261mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.