CVE-2023-39360

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.25

Description The issue is a Stored Cross-Site-Scripting (XSS) vulnerability that allows an authenticated user to poison data. It is found in the graphs new.php file. Several validations are performed, but the returnto parameter is directly passed to form save button. To bypass this validation, returnto must contain host.php. This vulnerability can be exploited by a remote attacker using a specially crafted link.

Recommendations For versions prior to 1.2.25, upgrade to version 1.2.25 or later. For users unable to update, manually filter HTML output as a temporary workaround. Consider restricting access to the graphs new.php file until the issue is resolved. Avoid using the returnto parameter in the affected API endpoint until the issue is resolved. As a temporary mitigation measure, consider disabling the form save button function until a patch is available.