A cross-site scripting (XSS) vulnerability exists in templatesimport.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xmlpath field
{ "ubuntu_priority": "medium" }
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "cacti": "1.2.16+ds1-2ubuntu1" } ] }