[2.6] Cross-site scripting (XSS) vulnerability in smokeping_cgi
Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping 2.4.2, 2.6.6, and other versions before 2.6.7 allows remote attackers to inject arbitrary web script or HTML via the displaymode parameter.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0790
(from redmine: issue id 1709, created on 2013-03-22, closed on 2013-04-17)
- Relations:
- child #1710 (closed)
- child #1711 (closed)
- child #1712 (closed)
- child #1713 (closed)
- Changesets:
- Revision ddfb89a1 by Natanael Copa on 2013-04-12T12:50:27Z:
main/smokeping: upgrade to 2.6.9
fixes #1709