{"id":"DEBIAN-CVE-2014-2326","details":"Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web  script or HTML via unspecified vectors.","modified":"2026-05-27T11:01:02.922514884Z","published":"2014-03-27T16:55:05.693Z","upstream":["CVE-2014-2326"],"references":[{"type":"ADVISORY","url":"https://security-tracker.debian.org/tracker/CVE-2014-2326"}],"affected":[{"package":{"name":"cacti","ecosystem":"Debian:11","purl":"pkg:deb/debian/cacti?arch=source&distro=bullseye"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.8b+dfsg-4"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-2326.json"}},{"package":{"name":"cacti","ecosystem":"Debian:12","purl":"pkg:deb/debian/cacti?arch=source&distro=bookworm"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.8b+dfsg-4"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-2326.json"}},{"package":{"name":"cacti","ecosystem":"Debian:13","purl":"pkg:deb/debian/cacti?arch=source&distro=trixie"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.8b+dfsg-4"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-2326.json"}},{"package":{"name":"cacti","ecosystem":"Debian:14","purl":"pkg:deb/debian/cacti?arch=source&distro=forky"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.8.8b+dfsg-4"}]}],"ecosystem_specific":{"urgency":"not yet assigned"},"database_specific":{"source":"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2014-2326.json"}}],"schema_version":"1.7.5"}