CVE-2010-2544

Description

Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.

How to fix CVE-2010-2544

To remediate CVE-2010-2544, upgrade the affected package to a fixed version below.

• Debian/cacti—upgrade to 0.8.7g-1 or later

Is CVE-2010-2544 being exploited?

Moderate — EPSS is 6.0%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

• from 0, < 0.8.7g-1

References (1)

• ADVISORYsecurity-tracker.debian.org/tracker/CVE-2010-2544