CVE-2017-12978

CVE-2017-12978

EPSS 0.8%

lib/html.php in Cacti before 1.1.18 has XSS via the title field of an external link added by an authenticated user.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/Cacti/cacti/blob/develop/docs/CHANGELOG https://github.com/Cacti/cacti/commit/9c610a7a4e29595dcaf7d7082134e4b89619ea24 https://github.com/Cacti/cacti/issues/918 http://www.securitytracker.com/id/1039226