Amazon Linux 1 Security Advisory: ALAS-2017-923
Advisory Release Date: 2017-11-15 19:56 Pacific
Advisory Updated Date: 2017-11-20 21:38 Pacific
Severity:
Medium
Issue Overview:
include/global_session.php in Cacti 1.1.25 has XSS related to (1) the URI or (2) the refresh page. (CVE-2017-15194)
Affected Packages:
cacti
Issue Correction:
Run yum update cacti to update your system.
New Packages:
noarch:
cacti-1.1.19-2.18.amzn1.noarch
src:
cacti-1.1.19-2.18.amzn1.src