CVE-2026-39900 Cacti: Reflected XSS via tab parameter in auth_profile.php JavaScript context

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the authprofile.php JavaScript context. This issue has been fixed in version 1.2.31...

Cacti Cross-Site Request Forgery Vulnerability (CNVD-2021-37698)

Cacti is a set of open source network traffic monitoring and analysis tools from the Cacti team. The tool through snmpget to get the data , using RRDtool drawing graphs to analyze , and provide data and user management features . A cross-site request forgery vulnerability exists in...

FreeBSD : Cacti -- XSS (XSS) vulnerability in auth_profile.php (f86d0e5d-7467-11e7-93af-005056925db4)

kimiizhang reports : Cross-site scripting XSS vulnerability in authprofile.php in Cacti 1.1.13 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

Cross site scripting

Cross-site scripting XSS vulnerability in authprofile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers...

UBUNTU-CVE-2017-11691

Cross-site scripting XSS vulnerability in authprofile.php in Cacti 1.1.13 allows remote attackers to inject arbitrary web script or HTML via specially crafted HTTP Referer headers...

Cacti -- Cross-site scripting (XSS) vulnerability in auth_profile.php

kimiizhang reports: Cross-site scripting XSS vulnerability in authprofile.php in Cacti 1.1.13 allows remote authenticated users to inject arbitrary web script or HTML via specially crafted HTTP Referer headers...