Description
Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the auth_profile.php JavaScript context. This issue has been fixed in version 1.2.31.
Published: 2026-06-24
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

Cacti is vulnerable to a reflected Cross‑Site Scripting flaw that propagates through the "tab" parameter in auth_profile.php. The parameter value is injected directly into the page’s JavaScript context, so if an attacker supplies a malicious value, arbitrary JavaScript will run in the victim’s browser. This code executes with the privileges of the user who is viewing the page and can manipulate page content or access data available to that user.

Affected Systems

Cacti, versions 1.2.30 and earlier are affected. The vulnerability was resolved in version 1.2.31 and later.

Risk and Exploitability

The CVSS score of 5.3 indicates a moderate severity potential. No EPSS data is published, and the vulnerability is not listed in the CISA KEV catalog, suggesting that widespread exploitation has not been observed. The likely attack vector requires a victim to click or otherwise navigate to a URL that includes a crafted "tab" parameter; the malicious content is then reflected into the JavaScript context of the page.

Generated by OpenCVE AI on June 25, 2026 at 00:50 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Cacti to version 1.2.31 or later, which removes the vulnerable handling of the tab parameter.
  • If an upgrade is not immediately possible, enforce validation on the tab parameter, accepting only known safe values or rejecting the request if the value does not match a whitelist.
  • Apply a strict Content Security Policy for all dynamic content to reduce the impact of any remaining reflection of unescaped data.

Generated by OpenCVE AI on June 25, 2026 at 00:50 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 25 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 25 Jun 2026 05:30:00 +0000

Type Values Removed Values Added
First Time appeared Cacti
Cacti cacti
Vendors & Products Cacti
Cacti cacti

Wed, 24 Jun 2026 22:45:00 +0000

Type Values Removed Values Added
Description Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Reflected XSS via tab parameter in the auth_profile.php JavaScript context. This issue has been fixed in version 1.2.31.
Title Cacti: Reflected XSS via tab parameter in auth_profile.php JavaScript context
Weaknesses CWE-79
References
Metrics cvssV4_0

{'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-06-25T12:28:13.758Z

Reserved: 2026-04-07T20:32:03.012Z

Link: CVE-2026-39900

cve-icon Vulnrichment

Updated: 2026-06-25T12:28:10.739Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-25T05:15:03Z

Weaknesses
  • CWE-79

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')