Cross-site scripting (XSS) vulnerability in settings.php in Cacti before
0.8.8d allows remote attackers to inject arbitrary web script or HTML via
0.8.8d in tree.
Added to an existing GLSA Request.
This issue was resolved and addressed in
GLSA 201509-03 at https://security.gentoo.org/glsa/201509-03
by GLSA coordinator Kristian Fiskerstrand (K_F).