Update Info


Security update for cacti, cacti-spine

Type: security
Severity: moderate
Issued: 2021-08-29
This update for cacti, cacti-spine fixes the following issues:

cacti-spine 1.2.18:

* Fix missing time parameter on FROM_UNIXTIME function

cacti 1.2.18:

* CVE-2020-14424: Lack of escaping on template import can lead to
  XSS exposure under 'midwinter' theme (boo#1188188)
* Real time graphs can expose XSS issue

This update was imported from the openSUSE:Leap:15.2:Update update project.



  • cacti-spine-1.2.18-bp152.2.10.1
  • cacti-1.2.18-bp152.2.13.1