CVE-2024-29894Improper Encoding or Escaping of Output in Cacti

CWE-116Improper Encoding or Escaping of OutputCWE-79Cross-site Scripting6 documents5 sources
Severity
4.7MEDIUMNVD
CNA5.4OSV6.1
EPSS
0.2%
top 62.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
CactiFedoraproject Fedora
Timeline
PublishedMay 14
Latest updateAug 20

Description

Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still generates the code out of unescaped PHP variables `$title` and `$header`. If those variables contain single quotes, they can be used to inject JavaScript code. An a

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages3 packages

CVEListV5cacti/cacti< 1.2.27
NVDcacti/cacti< 1.2.27
Debiancacti/cacti< 1.2.24+ds1-1+deb12u3+2

Also affects: Fedora 39

🔴Vulnerability Details

3
OSV
cacti vulnerabilities2024-08-20
OSV
CVE-2024-29894: Cacti provides an operational monitoring and fault management framework2024-05-14
CVEList
Cacti Cross-site Scripting vulnerability when using JavaScript based messaging API2024-05-13

📋Vendor Advisories

2
Ubuntu
Cacti vulnerabilities2024-08-20
Debian
CVE-2024-29894: cacti - Cacti provides an operational monitoring and fault management framework. Version...2024
CVE-2024-29894 — Cacti vulnerability | cvebase