Cacti < 0.8.7g Multiple XSS and HTML Injection Vulnerabilities
Medium Nessus Plugin ID 57617
SynopsisThe remote web server is running a PHP application that is affected by
multiple cross-site scripting and HTML injection vulnerabilities.
DescriptionAccording to its self-reported version number, the Cacti application
running on the remote web server is prior to version 0.8.7g. It is,
therefore, potentially affected by multiple cross-site scripting and
HTML injection vulnerabilities. An attacker may be able to exploit
these issues to inject arbitrary HTML or script code into a user's
browser to be executed within the security context of the affected
SolutionUpgrade to Cacti 0.8.7g or later.