Fluid Attacks Database

Description

Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php.

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem	Package	Affected version	Patched versions
debian 13	cacti	>=0 <1.2.22+ds1-1	1.2.22+ds1-1
debian 12	cacti	>=0 <1.2.22+ds1-1	1.2.22+ds1-1
debian 11	cacti	=1.2.16+ds1-2 \|\| =1.2.16+ds1-2+deb11u1 \|\| =1.2.16+ds1-2+deb11u2 \|\| =1.2.16+ds1-2+deb11u3 \|\| >=0 <1.2.16+ds1-2+deb11u4	1.2.16+ds1-2+deb11u4
debian 14	cacti	>=0 <1.2.22+ds1-1	1.2.22+ds1-1

Aliases