Cacti Cross-Site-Scripting Vulnerability Let Attacker Poison Database

A Stored Cross-Site Scripting (Stored XSS) vulnerability was recently discovered in Cacti that allows an authenticated user to poison the data stored in Cacti’s database. Moreover, administrative accounts can view this poisoned data, and JS code executes on the victim’s browser when viewed. Cacti is a web-based open-source network monitoring, fault, and configuration management tool that […]

The post Cacti Cross-Site-Scripting Vulnerability Let Attacker Poison Database appeared first on Cyber Security News.

accounts attacker browser cacti code configuration cross-site data database monitoring network network monitoring scripting stored xss victim vulnerabilities vulnerability web xss