CVE-2022-48547

🗓️ 22 Aug 2023 19:16:00Reported by ubuntu.comType

ubuntucve

ubuntucve🔗 ubuntu.com👁 19 Views

Cacti 0.8.7g XSS vulnerability in auth_changepassword.php

Reporter	Title	Published	Views	Family All 19
ATTACKERKB	CVE-2022-48547	22 Aug 202319:16	–	attackerkb
BDU FSTEC	The vulnerability of the auth_changepassword.php component of the Cacti network monitoring software allows a attacker to perform XSS attacks.	26 Sep 202300:00	–	bdu_fstec
Circl	CVE-2022-48547	22 Aug 202322:21	–	circl
CNNVD	Cacti 跨站脚本漏洞	22 Aug 202300:00	–	cnnvd
CVE	CVE-2022-48547	22 Aug 202300:00	–	cve
Cvelist	CVE-2022-48547	22 Aug 202300:00	–	cvelist
Debian CVE	CVE-2022-48547	22 Aug 202300:00	–	debiancve
EUVD	EUVD-2022-51243	3 Oct 202520:07	–	euvd
Tenable Nessus	GLSA-202412-02 : Cacti: Multiple Vulnerabilities	9 Dec 202400:00	–	nessus
Tenable Nessus	Linux Distros Unpatched Vulnerability : CVE-2022-48547	27 Aug 202500:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	22.04	any	cacti	0	cacti_0_any.deb
Ubuntu	18.04	any	cacti	0	cacti_0_any.deb
Ubuntu	20.04	any	cacti	0	cacti_0_any.deb
Ubuntu	24.04	any	cacti	0	cacti_0_any.deb
Ubuntu	25.10	any	cacti	0	cacti_0_any.deb
Ubuntu	26.04	any	cacti	0	cacti_0_any.deb
Ubuntu	14.04	any	cacti	0	cacti_0_any.deb

Source	Link
github	www.github.com/Cacti/cacti/issues/1882
cve	www.cve.org/CVERecord

11 Jul 2025 07:53Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.16.1

EPSS0.00719

SSVC

reflected cross-site scripting unauthenticated remote attackers arbitrary web script injection html injection cve-2022-48547