CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-26247

As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.284

EPSS Ranking 96.3%

CVSS Severity

CVSS v3 Score 6.1

CVSS v2 Score 4.3

References

https://www.cacti.net/info/changelog
https://www.cacti.net/info/changelog

Products affected by CVE-2021-26247

Cacti » Cacti » Version: 0.8.7g

cpe:2.3:a:cacti:cacti:0.8.7g

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-26247

Products

Pricing

Contact Us