A reflected cross-site scripting (XSS) vulnerability in Cacti 0.8.7g and previous versions allows unauthenticated remote malicious users to inject arbitrary web script or HTML in the "ref" parameter at auth_changepassword.php.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
cacti cacti |
Vulmon