CVE-2022-41444 — Cross-site Scripting in Cacti

Severity

6.1MEDIUMNVD

EPSS

0.3%

top 48.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedAug 22

Description

Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST request to graphs_new.php.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7

▶debiandebian/cacti< cacti 1.2.22+ds1-1 (bookworm)

▶Debiancacti/cacti< 1.2.16+ds1-2+deb11u4+3

▶NVDcacti/cacti1.2.21

OSV

CVE-2022-41444: Cross Site Scripting (XSS) vulnerability in Cacti 1↗2023-08-22

▶

GHSA

GHSA-8f39-x979-279f: Cross Site Scripting (XSS) vulnerability in Cacti 1↗2023-08-22

▶

Debian

CVE-2022-41444: cacti - Cross Site Scripting (XSS) vulnerability in Cacti 1.2.21 via crafted POST reques...↗2022

▶