In clearFilter() in utilities.php in Cacti before 1.2.3, no escaping occurs before printing out the value of the SNMP community string (SNMP Options) in the View poller cache, leading to XSS.
CPE | Name | Operator | Version |
---|---|---|---|
cacti | lt | 1.2.3 | |
debian_linux | eq | 8.0 | |
debian_linux | eq | 9.0 |