Fortinet Discovers Cacti Cross-Site Scripting (XSS) Vulnerability
Summary
Fortinet's FortiGuard Labs has discovered a cross-site scripting (XSS) vulnerability in Cacti.Cacti is a complete network graphing solution designed to harness the power of RRDTool's data storage and graphing functionality. Cacti provides a fast poller, advanced graph templating, multiple data acquisition methods, and user management features out of the box. All of these are wrapped in an intuitive, easy to use interface that makes sense for LAN-sized installations up to complex networks with hundreds of devices.
The vulnerability exists due to insufficiently sanitizing user-supplied data in HTTP request sent to graphs.php so that remote attackers can exploit it to launch XSS attack. Successful exploitation of this vulnerability would allow injection and execution of arbitrary HTML and script code in the target user's browser in the security context of the affected Cacti.
Solutions
FortiGuard Labs released the following FortiGate IPS signature which covers this specific vulnerability:Cacti.graphs.php.XSS
Released Mar 20, 2015
Users should apply the solution provided by Cacti.