Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2024-31443

Published: 14/05/2024 Updated: 14/05/2024

Vulnerability Summary

Cacti provides an operational monitoring and fault management framework. before 1.2.27, some of the data stored in `form_save()` function in `data_queries.php` is not thoroughly checked and is used to concatenate the HTML statement in `grow_right_pane_tree()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

References

https://github.com/Cacti/cacti/security/advisories/GHSA-rqc8-78cm-85j3https://github.com/Cacti/cacti/commit/f946fa537d19678f938ddbd784a10e3290d275cfhttps://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073CVE-2024-5496CVE-2024-5495XPath injectionbypassCVE-2024-30043CVE-2024-24919denial of serviceCVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook