CVE-2014-5026
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b allow remote authenticated users with console access to inject arbitrary web script or HTML via a (1) Graph Tree Title in a delete or (2) edit action.
(3) CDEF Name, (4) Data Input Method Name, or (5) Host Templates Name in a delete action.
(6) Data Source Title.
(7) Graph Title.
or (8) Graph Template Name in a delete or (9) duplicate action.
LOW · CVSS 3.5
EPSS 0.00347
Monitor
- No active-exploitation, high-EPSS, or public-exploit signals - routine patching cadence
Sigma rules0
YARA rules0