CVE-2020-25706

Summary

A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field

Affected Software

VendorProductVersion RangeStatus
The Cacti Group, Inc.cacti1.2.13affected

Weaknesses

  • CWE-79: CWE-79

ADP Enrichment

CVE Program Container

Additional References

References