[2.2] Cross-site scripting (XSS) vulnerability in smokeping_cgi
Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping 2.4.2, 2.6.6, and other versions before 2.6.7 allows remote attackers to inject arbitrary web script or HTML via the displaymode parameter.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0790
(from redmine: issue id 1713, created on 2013-03-22, closed on 2013-04-17)
- Relations:
- parent #1709 (closed)
- Changesets:
- Revision 6c450cd9 by Natanael Copa on 2013-04-12T11:56:31Z:
main/smokeping: security fix (CVE-2012-0790)
fixes #1713