CVE-2024-43365 | Cacti up to 1.2.27 HTTP POST Request links.php consolenewsection cross site scripting (GHSA-49f2-hwx9-qffr)

Posted by Angelo Barbosa | Oct 8, 2024 | CVE

A vulnerability classified as problematic has been found in Cacti up to 1.2.27. This affects an unknown part of the file links.php of the component HTTP POST Request Handler. The manipulation of the argument consolenewsection leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2024-43365. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-43365 | Cacti up to 1.2.27 HTTP POST Request links.php consolenewsection cross site scripting (GHSA-49f2-hwx9-qffr)

Related Posts

CVE-2024-32726 | vinoth06 Frontend Dashboard Plugin up to 2.2.2 on WordPress information disclosure

CVE-2023-45206 | Zimbra Collaboration Suite 8.8.15/9.0/10.0 Document Endpoint cross site scripting

CVE-2024-0370 | Views for WPForms Plugin up to 3.2.2 on WordPress save_view authorization

CVE-2024-43799 | pillarjs send up to 0.18.x HTTP Response sendStream.redirect cross site scripting