Cacti prior to 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
cacti cacti |
||
debian debian linux 9.0 |