Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat High Performance Computing (HPC) Solution and other products, allows remote attackers to inject arbitrary web script or HTML via the filter parameter.
cacti.net/release_notes_0_8_7g.php
marc.info/?l=oss-security&m=127978954522586&w=2
marc.info/?l=oss-security&m=128017203704299&w=2
secunia.com/advisories/41041
svn.cacti.net/viewvc/cacti/branches/0.8.7/utilities.php?r1=6025&r2=6024&pathrev=6025
svn.cacti.net/viewvc?view=rev&revision=6025
www.mandriva.com/security/advisories?name=MDVSA-2010:160
www.securityfocus.com/bid/42575
www.vupen.com/english/advisories/2010/2132
bugzilla.redhat.com/show_bug.cgi?id=459105
exchange.xforce.ibmcloud.com/vulnerabilities/61226
rhn.redhat.com/errata/RHSA-2010-0635.html