Unrated severityNVD Advisory· Published Jan 19, 2022· Updated Aug 3, 2024
CVE-2021-23225
CVE-2021-23225
Description
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: =1.1.38
Patches
Vulnerability mechanics
References
2- lists.debian.org/debian-lts-announce/2022/03/msg00038.htmlmitremailing-listx_refsource_MLIST
- www.cacti.net/info/changelogmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.