the XSS issue has been found on templates_import.php (Cacti 1.2.13). The vulnerability could be exploited by an attacker by forcing a user to upload a file with a "name" or "xml_path" containing client-side code
The text was updated successfully, but these errors were encountered:
netniV
changed the title
the XSS issue has been found on templates_import.php (Cacti 1.2.13). The vulnerability could be exploited by an attacker by forcing a user to upload a file with a "name" or "xml_path" containing client-side code
Improper escaping of error message leads to XSS during template import preview
Jul 26, 2020
the XSS issue has been found on templates_import.php (Cacti 1.2.13). The vulnerability could be exploited by an attacker by forcing a user to upload a file with a "name" or "xml_path" containing client-side code
The text was updated successfully, but these errors were encountered: