Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
CactiCacti

3 matches found

CVE
CVEadded 2022/01/19 9:15 p.m.55 views

CVE-2021-26247

As an unauthenticated remote user, visit "http:///auth_changepassword.php?ref=" to successfully execute the JavaScript payload present in the "ref" URL parameter.

6.1CVSS6.4AI score0.28433EPSS
CVE
CVEadded 2022/01/19 9:15 p.m.54 views

CVE-2021-23225

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.

5.4CVSS5.5AI score0.00651EPSS
CVE
CVEadded 2022/01/19 9:15 p.m.52 views

CVE-2021-3816

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.php.

5.4CVSS5.2AI score0.00436EPSS