Cacti · Cacti · CVE-2024-27082
Name of the Vulnerable Software and Affected Versions:
Cacti versions prior to 1.2.27
Description:
Cacti provides an operational monitoring and fault management framework. The issue is a stored cross-site scripting (XSS) vulnerability, in which malicious scripts are permanently stored on the target server and served to users who access a particular page. It occurs because the application fails to preserve the web page structure, meaning that input is not neutralized before it is written into the page. This allows a remote attacker to carry out a cross-site scripting attack using a specially crafted page.
Recommendations:
For versions prior to 1.2.27, update to version 1.2.27, which contains a patch for the issue. As a temporary workaround, consider restricting access to potentially vulnerable web pages until the update is applied.