Candidate: CVE-2012-0790
PublicDate: 2012-01-24 18:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0790
 http://oss.oetiker.ch/smokeping/pub/CHANGES
Description:
 Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping
 2.4.2, 2.6.6, and other versions before 2.6.7 allows remote attackers to
 inject arbitrary web script or HTML via the displaymode parameter.
Ubuntu-Description:
Notes:
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_smokeping:
upstream_smokeping: released (2.6.7)
hardy_smokeping: ignored (reached end-of-life)
lucid_smokeping: released (2.3.6-5+squeeze1build0.10.04.1)
maverick_smokeping: ignored (reached end-of-life)
natty_smokeping: ignored (reached end-of-life)
oneiric_smokeping: released (2.3.6-5+squeeze1build0.11.10.1)
precise_smokeping: not-affected (2.6.7-1)
quantal_smokeping: not-affected (2.6.8-1)
devel_smokeping: not-affected (2.6.8-1)