Cacti.graphs.PHP.XSS
Description
This indicates an attack attempt to exploit a Cross-Site Scripting vulnerability in Cacti, which was discovered by Fortinet's FortiGuard Labs.
The vulnerability exists due to insufficiently sanitizing user-supplied data in HTTP request sent to graphs.php so that remote attackers can exploit it to launch XSS attack.
Affected Products
Cacti Version 0.8.8c
Impact
System Compromise: Remote attackers can execute arbitrary script code within the context of the target user's browser.
Recommended Actions
Upgrade to the latest version, available from the website.
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |