Описание
LibreNMS stored Cross-site Scripting via Schedule Maintenance Title parameter
LibreNMS versions 22.8.0 and prior allow attackers to execute arbitrary JavaScript code via the Schedule Maintenance Title parameter. A patch is available and anticipated to be part of version 22.9.0.
Пакеты
Наименование
librenms/librenms
composer
Затронутые версииВерсия исправления
<= 22.8.0
22.9.0
Связанные уязвимости
CVSS3: 5.4
nvd
больше 3 лет назад
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0.