Security update for cacti, cacti-spine
This update for cacti, cacti-spine fixes the following issues:
cacti-spine 1.2.18:
* Fix missing time parameter on FROM_UNIXTIME function
cacti 1.2.18:
* CVE-2020-14424: Lack of escaping on template import can lead to
XSS exposure under 'midwinter' theme (boo#1188188)
* Real time graphs can expose XSS issue
-
Submitted by
Andreas Stieger (AndreasStieger)
Fixed bugs
bnc#1188188
VUL-0: CVE-2020-14424: cacti: Lack of escaping on template import can lead to XSS exposure under 'midwinter' theme
