[2.4] Cross-site scripting (XSS) vulnerability in smokeping_cgi
Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping 2.4.2, 2.6.6, and other versions before 2.6.7 allows remote attackers to inject arbitrary web script or HTML via the displaymode parameter.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0790
(from redmine: issue id 1711, created on 2013-03-22, closed on 2013-04-17)
- Relations:
- parent #1709 (closed)
- Changesets:
- Revision acc5b8b4 by Natanael Copa on 2013-04-12T10:59:02Z:
main/smokeping: security upgrade to 2.6.9 (CVE-2012-0790)
fixes #1711