Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php, or (3) the host_id parameter to data_sources.php.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2010-08-23 15:00
Updated : 2023-02-12 20:19
NVD link : CVE-2010-1644
Mitre link : CVE-2010-1644
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
cacti
- cacti