LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not persist after a page refresh.
Metrics
Affected Vendors & Products
References
History
Wed, 02 Oct 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Librenms
Librenms librenms |
|
CPEs | cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Librenms
Librenms librenms |
|
Metrics |
ssvc
|
Tue, 01 Oct 2024 20:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not persist after a page refresh. | |
Title | LibreNMS has a Self-XSS ('Cross-site Scripting') in librenms/includes/html/modal/alert_template.inc.php | |
Weaknesses | CWE-79 | |
References |
|
|
Metrics |
cvssV3_1
|
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-10-01T20:25:39.378Z
Updated: 2024-10-02T13:03:02.417Z
Reserved: 2024-09-25T21:46:10.928Z
Link: CVE-2024-47526
Vulnrichment
Updated: 2024-10-02T13:02:58.851Z
NVD
Status : Analyzed
Published: 2024-10-01T21:15:07.740
Modified: 2024-12-19T15:49:50.127
Link: CVE-2024-47526
Redhat
No data.