PT-2024-7373 · Cacti+1
Tayfunyelim · Published 2023-07-13 · Updated 2025-02-11
CVE-2024-43364
CVSS v3.1: 8.2 (High)
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:H |
Name of the Vulnerable Software and Affected Versions:
Cacti versions prior to 1.2.28
Description:
The vulnerability is a stored cross-site scripting (XSS) flaw. The title parameter is not properly sanitized when an external link is saved in links.php; the value is written to the database and later rendered in index.php without escaping, so any markup it contains is interpreted by the browser of every user who loads that page. A user who holds the privilege to create external links can therefore place a script payload in the title parameter of the HTTP POST request to links.php and have it execute in other users' sessions. The underlying weakness is the classic one: untrusted input is displayed on a web page without validation on input or escaping on output.
Recommendations:
Upgrade to Cacti 1.2.28 or later, which addresses the issue. If the upgrade cannot be applied immediately, two temporary mitigations reduce exposure: restrict the privilege to create external links to trusted users only, and restrict what the title parameter in links.php will accept (for example, filter requests whose title contains HTML markup). These workarounds only narrow the set of users who can plant a payload; they do not add the missing output escaping, so the upgrade remains the actual fix.
Exploit
Fix
XSS
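The vulnerable pattern the description refers to, next to a hardened version, as an added illustration rather than Cacti's own code. The function names, the in-memory array that stands in for the external-links table, and the payload are all assumptions made for this example. The point it shows is that the fix is escaping at the point of output (htmlspecialchars with ENT_QUOTES), and that rejecting markup on save is only defence in depth: rows stored before the fix still need escaping when rendered.

```php
<?php
// Added illustration, not Cacti's code: stored-XSS pattern beside its hardened form.
// Assumptions: an array simulates the external-links table; function names are hypothetical.

declare(strict_types=1);

/* ---- Vulnerable pattern: title stored as sent, echoed raw in the page ---- */

function save_link_vulnerable(array &$table, array $post): int
{
    // No validation: whatever the client put in "title" is persisted.
    $table[] = ['title' => $post['title'], 'url' => $post['url']];
    return count($table) - 1;
}

function render_links_vulnerable(array $table): string
{
    $html = '<ul>';
    foreach ($table as $row) {
        // Raw string interpolation: markup inside title becomes part of the DOM.
        $html .= '<li><a href="' . $row['url'] . '">' . $row['title'] . '</a></li>';
    }
    return $html . '</ul>';
}

/* ---- Hardened pattern: validate on save, escape on output ---- */

function save_link_hardened(array &$table, array $post): int
{
    $title = trim((string) ($post['title'] ?? ''));
    // Defence in depth: a link label has no need for angle brackets, quotes or backslashes.
    if ($title === '' || strlen($title) > 100 || preg_match('/[<>"\'\\\\]/', $title)) {
        throw new InvalidArgumentException('invalid title');
    }
    $url = (string) ($post['url'] ?? '');
    // Only http(s) targets, so javascript: and data: URLs never reach an href.
    if (!preg_match('#^https?://#i', $url)) {
        throw new InvalidArgumentException('invalid url');
    }
    $table[] = ['title' => $title, 'url' => $url];
    return count($table) - 1;
}

function render_links_hardened(array $table): string
{
    $html = '<ul>';
    foreach ($table as $row) {
        // Context-appropriate escaping at output: this is what actually prevents XSS,
        // and it also protects rows that were stored before any input validation existed.
        $title = htmlspecialchars($row['title'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
        $url   = htmlspecialchars($row['url'], ENT_QUOTES | ENT_HTML5, 'UTF-8');
        $html .= '<li><a href="' . $url . '">' . $title . '</a></li>';
    }
    return $html . '</ul>';
}

/* ---- Demonstration with a constructed POST body ---- */

$post = ['title' => '<img src=x onerror=alert(1)>', 'url' => 'https://example.com/'];

$vulnTable = [];
save_link_vulnerable($vulnTable, $post);
// The img tag is emitted verbatim; a browser parses it and runs the onerror handler.
echo render_links_vulnerable($vulnTable), PHP_EOL;

$safeTable = [];
try {
    save_link_hardened($safeTable, $post);
} catch (InvalidArgumentException $e) {
    echo 'save rejected: ', $e->getMessage(), PHP_EOL;
}

// A row that was already in the database when the fix shipped (constructed legacy data):
$legacyTable = [['title' => $post['title'], 'url' => $post['url']]];
// The angle brackets are entity-encoded, so the browser shows the title as text.
echo render_links_hardened($legacyTable), PHP_EOL;
```

Run it with `php` on the command line and compare the two rendered lists. The vulnerable renderer reproduces the `<img ... onerror=...>` tag inside the list item, which is exactly what a victim's browser would execute when index.php is loaded; the hardened renderer emits the same title entity-encoded, which is why output escaping, not a title filter, is the property to verify when checking a patched instance.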
Affected Products
Alt Linux
Cacti