Security Advisory

CVE-2024-31444

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-05-13 15:03:58

Last updated 2025-11-04 16:11:57

Assigner GitHub_M

State PUBLISHED

Description

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in `automation_tree_rules_form_save()` function in `automation_tree_rules.php` is not thoroughly checked and is used to concatenate the HTML statement in `form_confirm()` function from `lib/html.php` , finally resulting in cross-site scripting. Version 1.2.27 contains a patch for the issue.

← Browse all CVEs View on cve.org ↗