Cacti Development Team

1 exploit Active since Jan 2019
CVE-2018-20723 WRITEUP MEDIUM WRITEUP
Cacti < 1.2.0 - Stored Cross-Site Scripting in Color Name Field
A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color.
CVSS 4.8