Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary HTML in the groupprefix field during the creation of a new group via "Copy" method at usergroup_admin.php.
{ "extracted_events": [ { "introduced": "1.1.38" }, { "last_affected": "1.1.38" } ], "source": "CPE_STRING", "cpe": "cpe:2.3:a:cacti:cacti:1.1.38:*:*:*:*:*:*:*" }
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3816.json"