CVE-2020-7106

Description

Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).

CVSS Metrics

• v3.1•MEDIUM•Score: 6.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
• v2.0•MEDIUM•Score: 4.3AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 3.53%• Percentile: 88%

Techniques & Countermeasures

• CWE-79•Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Affected Systems

• Unknown•Cacti

  < 1.2.9

• debian•debian_linux

  8.0 | 9.0

• fedoraproject•extra_packages_for_enterprise_linux

  7.0 | 8.0 | 9.0

• fedoraproject•fedora

  30 | 31

• opensuse•backports_sle

  15.0:sp1

• opensuse•leap

  15.1

• suse•package_hub

  na

References (11)

• https://github.com/Cacti/cacti/issues/3191
• https://lists.debian.org/debian-lts-announce/2020/01/msg00014.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SUSOTOIEJKD2IWJHN7TY56TDZJQZJUVJ/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XLZAMGTW2OSIBLYLXWHQBGWP7M4DTRS7/
• http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00001.html
• http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00005.html
• https://security.gentoo.org/glsa/202003-40
• http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00042.html
• http://lists.opensuse.org/opensuse-security-announce/2020-04/msg00048.html
• http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00032.html
• https://lists.debian.org/debian-lts-announce/2022/03/msg00038.html