CVE-2024-43362 | Cacti up to 1.2.27 HTTP POST Request links.php fileurl cross site scripting (GHSA-wh9c-v56x-v77c)

Posted by Angelo Barbosa | Oct 8, 2024 | CVE

A vulnerability was found in Cacti up to 1.2.27. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file links.php of the component HTTP POST Request Handler. The manipulation of the argument fileurl leads to cross site scripting.

This vulnerability is known as CVE-2024-43362. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-43362 | Cacti up to 1.2.27 HTTP POST Request links.php fileurl cross site scripting (GHSA-wh9c-v56x-v77c)

Related Posts

CVE-2024-41040 | Linux Kernel up to 5.10.221/5.15.162/6.1.99/6.6.40/6.9.9 tcf_ct_flow_table_process_conn use after free

CVE-2024-6053 | TeamViewer Meeting/Remote Full Client exposure of private personal information to an unauthorized actor

CVE-2023-48379 | Softnext Mail SQR Expert up to 230330 URL Error Response server-side request forgery

CVE-2024-41924 | EC-CUBE PHP Package access control