Metrics
Affected Vendors & Products
Thu, 19 Dec 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV4_0
|
cvssV4_0
|
Thu, 19 Dec 2024 16:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Fri, 22 Nov 2024 12:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
cvssV3_1
|
Wed, 02 Oct 2024 13:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Librenms
Librenms librenms |
|
CPEs | cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:* | |
Vendors & Products |
Librenms
Librenms librenms |
|
Metrics |
cvssV3_1
|
Tue, 01 Oct 2024 20:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Stored Cross-Site Scripting (XSS) can be achieved by uploading a new Background for a Custom Map. Users with "admin" role can set background for a custom map, this allow the upload of SVG file that can contain XSS payload which will trigger on load. This led to Stored Cross-Site Scripting (XSS). The vulnerability is fixed in 24.9.0. | |
Title | LibreNMS Contains a Stored XSS via File Upload | |
Weaknesses | CWE-116 CWE-434 CWE-79 |
|
References |
| |
Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: GitHub_M
Published: 2024-10-01T20:20:15.231Z
Updated: 2024-12-19T20:14:51.676Z
Reserved: 2024-09-25T21:46:10.928Z
Link: CVE-2024-47528
Updated: 2024-10-02T13:03:39.424Z
Status : Modified
Published: 2024-10-01T21:15:08.273
Modified: 2024-12-19T21:15:08.227
Link: CVE-2024-47528
No data.