Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php, or (3) the host_id parameter to data_sources.php.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 04:19
Type | Values Removed | Values Added |
---|---|---|
Summary | Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products, allow remote attackers to inject arbitrary web script or HTML via the (1) hostname or (2) description parameter to host.php, or (3) the host_id parameter to data_sources.php. | |
References |
|
02 Feb 2023, 17:17
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2010-1644 cacti: XSS issues in host.php and data_sources.php (VUPEN/ADV-2010-1203) | |
References |
|
Information
Published : 2010-08-23 22:00
Updated : 2023-12-10 11:03
NVD link : CVE-2010-1644
Mitre link : CVE-2010-1644
CVE.ORG link : CVE-2010-1644
JSON object : View
Products Affected
cacti
- cacti
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')