Описание
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to version 24.4.0, there is improper sanitization on the Service template name, which can lead to stored Cross-site Scripting. Version 24.4.0 fixes this vulnerability.
Ссылки
- Product
- Patch
- ExploitVendor Advisory
- Product
- Patch
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 24.4.0 (исключая)
cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00681
Низкий
7.1 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79
Связанные уязвимости
CVSS3: 7.1
github
почти 2 года назад
LibreNMS uses Improper Sanitization on Service template name leads to Stored XSS
EPSS
Процентиль: 71%
0.00681
Низкий
7.1 High
CVSS3
5.4 Medium
CVSS3
Дефекты
CWE-79
CWE-79