Jing Chen

**Name of the Vulnerable Software and Affected Versions** Cacti version 1.2.12 **Description** The issue is related to multiple Cross Site Scripting (XSS) vulnerabilities in several components of the Cacti network monitoring tool, including `reports admin.php`, `data queries.php`, `data input.php`, `graph templates.php`, and `graphs.php`. These vulnerabilities can be exploited by a remote attacker to impact data integrity. **Recommendations** For Cacti version 1.2.12, consider disabling the affected components, such as `reports admin.php`, `data queries.php`, `data input.php`, `graph templates.php`, and `graphs.php`, until a patch is available. Restrict access to these vulnerable files to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.