Staging Environment: Content and features may be unstable or change without notice.
Search for packages
Package details: pkg:deb/debian/cacti@1.1.12%2Bds1-1?distro=trixie
purl pkg:deb/debian/cacti@1.1.12%2Bds1-1?distro=trixie
Vulnerabilities affecting this package (0)
Vulnerability Summary Fixed by
This package is not known to be affected by vulnerabilities.
Vulnerabilities fixed by this package (2)
Vulnerability Summary Aliases
VCID-gdfw-gryt-8qhg Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter, related to the die_html_input_error function in lib/html_validate.php. CVE-2017-10970
VCID-w1vc-ugdq-aygx Cross-site scripting (XSS) vulnerability in aggregate_graphs.php in Cacti 1.1.12 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers, related to the $cancel_url variable. CVE-2017-11163

Date Actor Action Vulnerability Source VulnerableCode Version
2026-04-16T12:30:43.439528+00:00 Debian Importer Fixing VCID-gdfw-gryt-8qhg https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-16T10:25:55.441471+00:00 Debian Importer Fixing VCID-w1vc-ugdq-aygx https://security-tracker.debian.org/tracker/data/json 38.4.0
2026-04-13T08:34:00.248039+00:00 Debian Importer Fixing VCID-gdfw-gryt-8qhg https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-13T07:02:08.839629+00:00 Debian Importer Fixing VCID-w1vc-ugdq-aygx https://security-tracker.debian.org/tracker/data/json 38.3.0
2026-04-02T17:15:17.130145+00:00 Debian Importer Fixing VCID-gdfw-gryt-8qhg https://security-tracker.debian.org/tracker/data/json 38.1.0
2026-04-02T17:08:08.832291+00:00 Debian Importer Fixing VCID-w1vc-ugdq-aygx https://security-tracker.debian.org/tracker/data/json 38.1.0