Cross-site scripting (XSS) vulnerability in data_sources.php in Cacti 0.8.8b allows remote authenticated users with console access to inject arbitrary web script or HTML via the name_cache parameter in a ds_edit action.
References
Configurations
History
No history.
Information
Published : 2014-10-20 17:55
Updated : 2025-04-12 10:46
NVD link : CVE-2014-5025
Mitre link : CVE-2014-5025
CVE.ORG link : CVE-2014-5025
JSON object : View
Products Affected
debian
- debian_linux
cacti
- cacti
opensuse
- opensuse
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')