Multiple security issues (cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising) have been found in Cacti, a web frontend for RRDTool. For the stable distribution (wheezy), these problems have been fixed in version 0.8.8a+dfsg-5+deb7u3. For the testing distribution (jessie), these problems have been fixed in version 0.8.8b+dfsg-6. For the unstable distribution (sid), these problems have been fixed in version 0.8.8b+dfsg-6. We recommend that you upgrade your cacti packages.
Multiple security issues (cross-site scripting, cross-site request forgery, SQL injections, missing input sanitising) have been found in Cacti, a web frontend for RRDTool.
For the stable distribution (wheezy), these problems have been fixed in version 0.8.8a+dfsg-5+deb7u3.
For the testing distribution (jessie), these problems have been fixed in version 0.8.8b+dfsg-6.
For the unstable distribution (sid), these problems have been fixed in version 0.8.8b+dfsg-6.
We recommend that you upgrade your cacti packages.