Page 3 of 31 results (0.004 seconds)

CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0

LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. Affected versions are subject to a cross site scripting (XSS) vulnerability in the device group popups. This issue has been addressed in commit `faf66035ea` which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. • https://github.com/librenms/librenms/blob/63eeeb71722237d1461a37bb6da99fda25e02c91/app/Http/Controllers/DeviceGroupController.php#L173C21-L173C21 https://github.com/librenms/librenms/commit/faf66035ea1f4c1c4f34559b9d0ed40ee4a19f90 https://github.com/librenms/librenms/security/advisories/GHSA-8phr-637g-pxrg • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0

SQL Injection in GitHub repository librenms/librenms prior to 23.10.0. Inyección SQL en librenms/librenms del repositorio de GitHub anteriores a 23.10.0. • https://github.com/librenms/librenms/commit/908aef65967ce6184bdc587fd105660d5d55129e https://huntr.dev/bounties/54813d42-5b93-440e-b9b1-c179d2cbf090 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1. Cross-Site Scripting (XSS): DOM en librenms/librenms del repositorio de GitHub anteriores a 23.9.1. • https://github.com/librenms/librenms/commit/8fd8d9b06a11060de5dc69588a1a83594a7e6f72 https://huntr.dev/bounties/01b0917d-f92f-4903-9eca-bcfc46e847e3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0. Cross-site Scripting (XSS): almacenado en el repositorio de GitHub librenms/librenms anterior a 23.9.0. • https://github.com/librenms/librenms/commit/2c5960631c49f7414f61b6d4dcd305b07da05769 https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0. Cross-site Scripting (XSS): DOM en librenms/librenms del repositorio de GitHub anteriores a 23.9.0. • https://github.com/librenms/librenms/commit/03c4da62c8acde0a82acbb4a445ae866ebfdd3f7 https://huntr.dev/bounties/1f014494-49a9-4bf0-8d43-a675498b9609 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •