Closed
Description
By xiaotian.wang@DBAppSecurity.com.cn
Cross-site scripting (XSS) vulnerability in link.php in Cacti 1.1.12 allows remote anonymous users to inject arbitrary web script or HTML via the id parameter.
eg: http://192.168.1.206/cacti/link.php?id=1"</td><script>alert(/cacti/)</script>
Metadata
Metadata
Assignees
Labels
No labels
