exploitDog

CVE-2023-48295

Опубликовано: 17 нояб. 2023

Источник: nvd

CVSS3: 6.3

CVSS3: 5.4

EPSS Низкий

Описание

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. Affected versions are subject to a cross site scripting (XSS) vulnerability in the device group popups. This issue has been addressed in commit faf66035ea which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*

Версия до 23.11.0 (исключая)

EPSS

Процентиль: 52%

0.00295

Низкий

6.3 Medium

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

GHSA-8phr-637g-pxrg

CVSS3: 6.3

github

около 2 лет назад

LibreNMS Cross-site Scripting at Device groups Deletion feature

EPSS

Процентиль: 52%

0.00295

Низкий

6.3 Medium

CVSS3

5.4 Medium

CVSS3

Дефекты

CWE-79