Improper Encoding or Escaping of Output (CWE-116)
Cacti provides an operational monitoring and fault management framework. Versions of Cacti prior to 1.2.27 contain a residual cross-site scripting vulnerability caused by an incomplete fix for CVE-2023-50250. `raise_message_javascript` from `lib/functions.php` now uses purify.js to fix CVE-2023-50250 (among others). However, it still builds the generated JavaScript from the unescaped PHP variables `$title` and `$header`. If those variables contain single quotes, they can be used to inject JavaScript code. An attacker exploiting this vulnerability could execute actions on behalf of other users. This ability to impersonate users could lead to unauthorized changes to settings. Version 1.2.27 fixes this issue.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:L
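The weakness class described above, shown as an added example (not Cacti's code and not the 1.2.27 patch): a PHP value pasted between single quotes in generated JavaScript, next to a context-aware encoding with `json_encode`. The function names, JavaScript variable names and sample values are hypothetical and constructed for illustration.

```php
<?php
// Added illustration; every name here is hypothetical, not taken from Cacti.

// Weak pattern: PHP values concatenated between single quotes in generated JS.
// An apostrophe in the value ends the string literal early.
function emit_message_unsafe(string $title, string $header): string {
    return "var msgTitle = '" . $title . "';\n"
         . "var msgHeader = '" . $header . "';\n";
}

// Hardened pattern: encode the value as a complete JavaScript string literal.
// The JSON_HEX_* flags turn ' " < > & into \uXXXX escapes, so the value cannot
// close the literal or a surrounding <script> element. Invalid UTF-8 is
// replaced with U+FFFD instead of making json_encode() fail.
function js_string_literal(string $value): string {
    $flags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP
           | JSON_INVALID_UTF8_SUBSTITUTE | JSON_THROW_ON_ERROR;
    return json_encode($value, $flags);
}

function emit_message_safe(string $title, string $header): string {
    return 'var msgTitle = ' . js_string_literal($title) . ";\n"
         . 'var msgHeader = ' . js_string_literal($header) . ";\n";
}

// Regression check: an encoded literal must start and end with a double quote
// and contain no raw quote or markup characters in between.
function literal_is_inert(string $literal): bool {
    $inner = substr($literal, 1, -1);
    return $literal[0] === '"' && substr($literal, -1) === '"'
        && strpbrk($inner, "'\"<>&") === false;
}

// Constructed sample values: an ordinary apostrophe and some markup characters.
$title  = "Poller's status";
$header = "Device <b>db'01</b> & peers";

echo "--- unsafe ---\n", emit_message_unsafe($title, $header);
echo "--- safe ---\n", emit_message_safe($title, $header);

foreach ([$title, $header, "bad byte \xC3 here"] as $value) {
    if (!literal_is_inert(js_string_literal($value))) {
        throw new RuntimeException('encoding left a raw metacharacter');
    }
}
echo "all literals inert\n";
```

In the unsafe output the first string literal ends at the apostrophe in `Poller's`, which is the condition the advisory describes for `$title` and `$header`.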
Feedly found the first article mentioning CVE-2024-29894.
Feedly estimated the CVSS score as HIGH
Feedly estimated the CVSS score as MEDIUM
EPSS Score was set to: 0.04% (Percentile: 8.4%)
NVD published the first details for CVE-2024-29894
A CVSS base score of 5.4 has been assigned.
Detection for the vulnerability has been added to Qualys (510854)
CVE-2024-29894 is a critical vulnerability that only affects Ubuntu 24.04 LTS. It is important to note that this vulnerability has the potential to be exploited in the wild, although there are currently no proof-of-concept exploits available. It is recommended to apply any patches or mitigations provided by the vendor to prevent any downstream impacts to other third party vendors or technology.
Detection for the vulnerability has been added to Nessus (206445)