CVE-2024-43362: 
Cacti vulnerability analysis and mitigation

CVE-2024-43362 is a stored Cross-Site Scripting (XSS) vulnerability discovered in Cacti, an open-source performance and fault management framework. The vulnerability was disclosed on October 7, 2024, affecting versions up to 1.2.27, and has been patched in version 1.2.28. The issue stems from improper sanitization of the fileurl parameter when saving external links in links.php (GitHub Advisory).

The vulnerability occurs when the fileurl parameter is not properly sanitized during the creation of external links. The unsanitized input is subsequently placed in HTML code which is passed to the print function in both link.php and index.php. Users with privileges to create external links can manipulate the fileurl parameter in HTTP POST requests to perform stored XSS attacks. The vulnerability has been assigned a CVSS v3.1 base score of 7.3 (High) with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:H (GitHub Advisory).

The successful exploitation of this vulnerability could allow attackers to perform actions on the web application on behalf of other users, including administrative users. This could lead to unauthorized access to sensitive information and potential compromise of user sessions (GitHub Advisory).

The vulnerability has been patched in Cacti version 1.2.28. All users are advised to upgrade to this version as there are no known workarounds for this issue (NVD).