The host is installed with Cacti before 1.2.27 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle issues in raise_message_javascript function. Successful exploitation allows an attacker to cause unspecified impact.