Описание
LibreNMS is PHP/MySQL/SNMP based network monitoring software. LibreNMS v25.4.0 and prior suffers from a Stored Cross-Site Scripting (XSS) Vulnerability in the group name parameter of the http://localhost/poller/groups form. This vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. LibreNMS v25.5.0 contains a patch for the issue.
Ссылки
- Product
- Patch
- Issue TrackingPatch
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 25.5.0 (исключая)
cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*
EPSS
Процентиль: 0%
0.00002
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79
Связанные уязвимости
github
9 месяцев назад
LibreNMS stored Cross-site Scripting vulnerability in poller group name
EPSS
Процентиль: 0%
0.00002
Низкий
6.1 Medium
CVSS3
Дефекты
CWE-79