Code injection

2017-08-2107:29:00

PRIOn knowledge base

www.prio-n.com

5.1 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

38.2%

lib/html.php in Cacti before 1.1.18 has XSS via the title field of an external link added by an authenticated user.

CPENameOperatorVersion
cactile1.1.17

CPE	Name	Operator	Version
	cacti	le	1.1.17

References

www.securitytracker.com/id/1039226

github.com/Cacti/cacti/blob/develop/docs/CHANGELOG

github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24

github.com/Cacti/cacti/issues/918