CVE-2011-5223

Cacti < 0.8.7h - XSS

Title source: rule

Description

Cross-site request forgery (CSRF) vulnerability in logout.php in Cacti before 0.8.7i allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

References (6)

[Various Sources] http://bugs.cacti.net/view.php?id=2062

[Various Sources] http://forums.cacti.net/viewtopic.php?f=21&t=44116

[Various Sources] http://forums.cacti.net/viewtopic.php?f=4&t=45871

[Vendor Advisory] http://secunia.com/advisories/47195

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/51048

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/71792

Scores

EPSS 0.0053

EPSS Percentile 67.1%

Details

CWE

CWE-79

Status published

Products (40)

cacti/cacti

cacti/cacti < 0.8.7h

cacti/cacti

... and 30 more

Published Oct 25, 2012

Tracked Since Feb 18, 2026