Download
| Alert*
DSA-2651-1 smokeping -- cross-site scripting vulnerability
A cross-site scripting vulnerability was discovered in smokeping, a latency logging and graphing system. Input passed to the "displaymode" parameter was not properly sanitized. An attacker could use this flaw to execute arbitrary HTML and script code in a user"s browser session in the context of an affected site.
|