PYSEC-2014-114

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/ntopng/PYSEC-2014-114.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2014-114

Withdrawn

2024-11-22T04:37:04Z

Published

2014-06-19T10:50:00Z

Modified

2024-11-21T14:22:57.090340Z

Summary

[none]

Details

Cross-site scripting (XSS) vulnerability in lua/host_details.lua in ntopng 1.1 allows remote attackers to inject arbitrary web script or HTML via the host parameter.

References

https://svn.ntop.org/bugzilla/show_bug.cgi?id=379
http://www.securityfocus.com/bid/66456
http://www.ntop.org/ndpi/released-ndpi-1-5-1-and-ntopng-1-2-1/
http://packetstormsecurity.com/files/127329/Ntop-NG-1.1-Cross-Site-Scripting.html
https://exchange.xforce.ibmcloud.com/vulnerabilities/92135

Affected packages

PyPI / ntopng

Package

Name: ntopng; View open source insights on deps.dev
Purl: pkg:pypi/ntopng

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.5.221205

5.5.221212

5.5.221214

5.5.221221

5.5.221229

5.5.230117

5.5.230124

5.5.230125

5.5.230127

5.5.230130

5.7.230202

5.7.230203

5.7.230213

6.*

6.1.240321