You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
As reported by Eldar Marcussen of xen1thLabs, Cacti's unserialization of form data does not properly validate the form input which can result in unsafe unserialization operations.
Cacti should always check serialized data for expected formatting, or utilize JSON data within the form post to avoid the use of the unserialize() function when dealing with untrusted data.
The text was updated successfully, but these errors were encountered: