CVE-2024-22119 Stored XSS in graph items select form

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section...

SUSE CVE-2020-7106

Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...

DEBIAN-CVE-2020-7106

Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...

UBUNTU-CVE-2020-7106

Cacti 1.2.8 has stored XSS in datasources.php, colortemplatesitem.php, graphs.php, graphitems.php, lib/apiautomation.php, useradmin.php, and usergroupadmin.php, as demonstrated by the description parameter in datasources.php a raw string from the database that is displayed by $header to trigger t...

PT-2020-19374 · Cacti +2 · Cacti +2

Name of the Vulnerable Software and Affected Versions: Cacti version 1.2.8 Description: The issue concerns stored XSS in several PHP files, including data sources.php, color templates item.php, graphs.php, graph items.php, lib/api automation.php, user admin.php, and user group admin.php. This is...