CVE-2014-2326 (cacti, debian_linux, fedora, opensuse)
Cross-site scripting (XSS) vulnerability in cdef.php in Cacti 0.8.7g, 0.8.8b, and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Source: CVE-2014-2326 (cacti, debian_linux, fedora, opensuse)