CVE-2012-0790

medium
Published 2012-01-24 · Modified 2026-04-29
CVSS v3
-
CVSS v4 NEW
-
not yet in upstream
VIR risk
4.3

Description

Cross-site scripting (XSS) vulnerability in smokeping_cgi in Smokeping 2.4.2, 2.6.6, and other versions before 2.6.7 allows remote attackers to inject arbitrary web script or HTML via the displaymode parameter.

Predictions

Exploit likelihood
20%
Patch ETA
-

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

No mitigations published for this CVE yet.


OS impact

OS             Version    Status  Fixed in
debian debian  bookworm   fixed   2.6.8-2
debian debian  bullseye   fixed   2.6.8-2
debian debian  forky      fixed   2.6.8-2
debian debian  sid        fixed   2.6.8-2
debian debian  trixie     fixed   2.6.8-2

Application impact

Vendor   Product    Versions                      Fixed
oetiker  smokeping  up to and including 2.6.6
oetiker  smokeping  0.99.5
oetiker  smokeping  0.99.6
oetiker  smokeping  0.99.7
oetiker  smokeping  0.99.8
oetiker  smokeping  0.99.9
oetiker  smokeping  0.99.10
oetiker  smokeping  0.99.11
oetiker  smokeping  0.99.12
oetiker  smokeping  0.99.13
oetiker  smokeping  0.99.14
oetiker  smokeping  0.99.15
oetiker  smokeping  0.99.16
oetiker  smokeping  0.99.17
oetiker  smokeping  0.99.18
oetiker  smokeping  1.0
oetiker  smokeping  1.1
oetiker  smokeping  1.2
oetiker  smokeping  1.3
oetiker  smokeping  1.4
oetiker  smokeping  1.5
oetiker  smokeping  1.6
oetiker  smokeping  1.7
oetiker  smokeping  1.8
oetiker  smokeping  1.9
oetiker  smokeping  1.10
oetiker  smokeping  1.11
oetiker  smokeping  1.12
oetiker  smokeping  1.13
oetiker  smokeping  1.14
oetiker  smokeping  1.15
oetiker  smokeping  1.16
oetiker  smokeping  1.17
oetiker  smokeping  1.18
oetiker  smokeping  1.19
oetiker  smokeping  1.20
oetiker  smokeping  1.21
oetiker  smokeping  1.22
oetiker  smokeping  1.23
oetiker  smokeping  1.24
oetiker  smokeping  1.25
oetiker  smokeping  1.26
oetiker  smokeping  1.27
oetiker  smokeping  1.28
oetiker  smokeping  1.29
oetiker  smokeping  1.30
oetiker  smokeping  1.31
oetiker  smokeping  1.34
oetiker  smokeping  1.36
oetiker  smokeping  1.37
oetiker  smokeping  1.38
oetiker  smokeping  2.0
oetiker  smokeping  2.0.0
oetiker  smokeping  2.0.1
oetiker  smokeping  2.0.2
oetiker  smokeping  2.0.3
oetiker  smokeping  2.0.4
oetiker  smokeping  2.0.5
oetiker  smokeping  2.0.6
oetiker  smokeping  2.0.7
oetiker  smokeping  2.0.8
oetiker  smokeping  2.0.9
oetiker  smokeping  2.1.0
oetiker  smokeping  2.1.1
oetiker  smokeping  2.2.0
oetiker  smokeping  2.2.1
oetiker  smokeping  2.2.2
oetiker  smokeping  2.2.3
oetiker  smokeping  2.2.4
oetiker  smokeping  2.2.5
oetiker  smokeping  2.2.6
oetiker  smokeping  2.2.7
oetiker  smokeping  2.3.0
oetiker  smokeping  2.3.1
oetiker  smokeping  2.3.2
oetiker  smokeping  2.3.3
oetiker  smokeping  2.3.4
oetiker  smokeping  2.3.5
oetiker  smokeping  2.3.6
oetiker  smokeping  2.4.0
oetiker  smokeping  2.4.1
oetiker  smokeping  2.4.2
oetiker  smokeping  2.5.0
oetiker  smokeping  2.5.1
oetiker  smokeping  2.6.0
oetiker  smokeping  2.6.1
oetiker  smokeping  2.6.2
oetiker  smokeping  2.6.3
oetiker  smokeping  2.6.4
oetiker  smokeping  2.6.5

References

CWEs

CWE-79
