{"id":"CVE-2021-26247","details":"As an unauthenticated remote user, visit \"http://\u003cCACTI_SERVER\u003e/auth_changepassword.php?ref=\u003cscript\u003ealert(1)\u003c/script\u003e\" to successfully execute the JavaScript payload present in the \"ref\" URL parameter.","modified":"2026-03-13T01:56:36.710513Z","published":"2022-01-19T21:15:08.237Z","references":[{"type":"ADVISORY","url":"https://www.cacti.net/info/changelog"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-26247.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"0.8.7g"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}