CVE-2024-43364 | Cacti up to 1.2.27 HTTP POST Request links.php title cross site scripting (GHSA-fgc6-g8gc-wcg5)

Posted by Angelo Barbosa | Oct 8, 2024 | CVE

A vulnerability was found in Cacti up to 1.2.27. It has been rated as problematic. Affected by this issue is some unknown functionality of the file links.php of the component HTTP POST Request Handler. The manipulation of the argument title leads to cross site scripting.

This vulnerability is handled as CVE-2024-43364. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-43364 | Cacti up to 1.2.27 HTTP POST Request links.php title cross site scripting (GHSA-fgc6-g8gc-wcg5)

Related Posts

CVE-2024-35333 | html2xhtml 1.3 read_charset_decl stack-based overflow

CVE-2024-8784 | QDocs Smart School Management System 7.0.0 Chat /user/chat/mynewuser users[] sql injection

CVE-2024-4923 | Codezips E-Commerce Site 1.0 admin/addproduct.php profilepic unrestricted upload

CVE-2024-4024 | GitLab Community Edition/Enterprise Edition up to 16.9.5/16.10.3/16.11.0 Bitbucket Credentials improper authentication