CVE-2013-5588
EPSS 0.33%cacti - several
Published: 8/29/2013Modified: 5/27/2026
Also known as:DEBIAN-CVE-2013-5588
Description
Multiple cross-site scripting (XSS) vulnerabilities in Cacti 0.8.8b and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the step parameter to install/index.php or (2) the id parameter to cacti/host.php.
Affected packages (2)
- Debian/cactifrom 0, < 0.8.8b+dfsg-3
- Debian/cactifrom 0, < 0.8.7g-1+squeeze3