CVE-2019-11025

NameCVE-2019-11025
DescriptionIn clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub advisories/code/issues, web search, more)
ReferencesDLA-1757-1, DLA-2965-1
Debian Bugs926700

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
cacti (PTS)buster1.2.2+ds1-2+deb10u4fixed
buster (security)1.2.2+ds1-2+deb10u2fixed
bullseye1.2.16+ds1-2fixed
bookworm, sid1.2.21+ds1-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
cactisourcejessie0.8.8b+dfsg-8+deb8u7DLA-1757-1
cactisourcestretch0.8.8h+ds1-10+deb9u2DLA-2965-1
cactisource(unstable)1.2.2+ds1-2low926700

Notes

https://github.com/Cacti/cacti/issues/2581
https://github.com/Cacti/cacti/commit/c373e66a6a224e221a1db037164144ce59b20736 (v1.2.3)
Search for package or bug name: Reporting problems