Overview
Request 820849 accepted
- cacti 1.2.13:
* Query XSS vulnerabilities require vendor package update
(CVE-2020-11022 / CVE-2020-11023)
* Lack of escaping on some pages can lead to XSS exposure
* Update PHPMailer to 6.1.6 (CVE-2020-13625)
* SQL Injection vulnerability due to input validation failure when
editing colors (CVE-2020-14295, boo#1173090)
* Lack of escaping on template import can lead to XSS exposure
- Created by AndreasStieger
- In state accepted
Request History
AndreasStieger created request
- cacti 1.2.13:
* Query XSS vulnerabilities require vendor package update
(CVE-2020-11022 / CVE-2020-11023)
* Lack of escaping on some pages can lead to XSS exposure
* Update PHPMailer to 6.1.6 (CVE-2020-13625)
* SQL Injection vulnerability due to input validation failure when
editing colors (CVE-2020-14295, boo#1173090)
* Lack of escaping on template import can lead to XSS exposure
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
dimstar_suse added as a reviewer
Being evaluated by staging project "openSUSE:Factory:Staging:adi:41"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:adi:41"
dimstar accepted review
dimstar_suse accepted review
Staging Project openSUSE:Factory:Staging:adi:41 got accepted.
dimstar_suse approved review
Staging Project openSUSE:Factory:Staging:adi:41 got accepted.
dimstar_suse accepted request
Staging Project openSUSE:Factory:Staging:adi:41 got accepted.
