CVE-2023-50250: 
Cacti vulnerability analysis and mitigation

A reflection cross-site scripting (XSS) vulnerability was discovered in Cacti version 1.2.25, identified as CVE-2023-50250. The vulnerability was found in templates_import.php and allows attackers to perform actions on behalf of other users. The issue was discovered in December 2023 and affects the Cacti operational monitoring and fault management framework (GitHub Advisory, NVD).

The vulnerability exists in the template import functionality of Cacti. When uploading an XML template file that fails validation checks, the server generates a JavaScript pop-up prompt containing an unfiltered XML template filename. The vulnerability occurs because the raise_message_javascript() function receives an unverified file name in the $header variable, leading to potential XSS execution. The CVSS v3.1 base score is 6.1 (MEDIUM) with vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N (NVD).

An attacker exploiting this vulnerability could execute actions on behalf of other users, potentially leading to unauthorized changes to system settings. The vulnerability allows for client-side code execution in the context of the victim's browser session (GitHub Advisory).

The vulnerability was fixed in Cacti version 1.2.26. However, this fix was later found to be incomplete, leading to CVE-2024-29894, which was subsequently addressed in version 1.2.27. Users are advised to upgrade to version 1.2.27 or later to ensure complete protection (Fedora Update).