Veracode Vulnerability DatabaseVERACODE:47085Cross-Site Scripting
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H
AI Score
Confidence
Low
Cacti is vulnerable to Cross-site Scripting. The vulnerability is due to malicious scripts being permanently stored on a target server and served to users who access a particular page, which attackers can use to execute scripts in the context of the user’s browser, potentially leading to unauthorized actions or data theft.
Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:H
AI Score
Confidence
Low