CVE-2022-41444

Name of the Vulnerable Software and Affected Versions Cacti version 1.2.21

Description The issue is related to a Cross Site Scripting (XSS) vulnerability. It can be exploited via a crafted POST request to the "graphs new.php" endpoint. This vulnerability may allow a remote attacker to perform inter-site script attacks.

Recommendations For Cacti version 1.2.21, consider disabling access to the "graphs new.php" endpoint until a patch is available. Restricting the use of this endpoint can help minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.