CVE-2021-3816

EPSS 0.5%CWE-79

Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the group_prefix field during the creation of a new group via "Copy" method at user_group_admin.php.

Produtos afetados

n/a · Cacti

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.cacti.net/info/changelog