Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . Cacti versions prior to 1.2.26 cross-site scripting vulnerability , the vulnerability stems from graphs_new.php on the lack of effective user-supplied data filtering and escaping , an attacker can be exploited to exploit the vulnerability through the injection of a well-designed payload to execute arbitrary Web script or HTML.
CPE | Name | Operator | Version |
---|---|---|---|
the cacti group cacti | lt | 1.2.26 |