virus logo FortiClient Vulnerability

Improper Escaping LEading to Cross-Site Request Vulnerability CVE-2020-25706 for Cacti

description-logoDescription

A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field

affected-products-logoAffected Applications

Cacti

CVE References

CVE-2020-25706

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-25706
ID 4036
Created Jan 20, 2022
Description
Updated		 Feb 16, 2022
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor Cacti
Patch manual
Application Cacti