CVSS: 7.6EPSS: 82%CPEs: 1EXPL: 1CVE-2023-4347 – Cross-site Scripting (XSS) - Reflected in librenms/librenms
https://notcve.org/view.php?id=CVE-2023-4347
15 Aug 2023 — Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0. Cross-site Scripting (XSS) - Reflejado en el repositorio GitHub librenms/librenms anterior a 23.8.0. • https://github.com/librenms/librenms/commit/91c57a1ee54631e071b6b0c952d99c8ee892e824 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 89%CPEs: 1EXPL: 0CVE-2022-3562 – Cross-site Scripting (XSS) - Stored in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-3562
20 Nov 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. Stored Cross-site Scripting (XSS) en el repositorio de GitHub librenms/librenms anterior a 22.10.0. • https://github.com/librenms/librenms/commit/43cb72549d90e338f902b359a83c23d3cb5a2645 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 90%CPEs: 1EXPL: 0CVE-2022-4069 – Cross-site Scripting (XSS) - Generic in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-4069
20 Nov 2022 — Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0. Cross-Site Scriptings (XSS) - Genérico en librenms/librenms del repositorio de GitHub anteriores a 22.10.0. • https://github.com/librenms/librenms/commit/8383376f1355812e09ec0c2af67f6d46891b7ba7 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.6EPSS: 42%CPEs: 1EXPL: 1CVE-2022-4068 – Improperly Controlled Modification of Dynamically-Determined Object Attributes in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-4068
20 Nov 2022 — A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to execute arbitrary JavaScript in the context of an admin's account. Un usuario puede habilitar su propia cuenta si un administrador la deshabilitó mientras el usuario aún tiene una sesión válida. Además, el nombre de usuario no se saniti... • https://github.com/librenms/librenms/commit/09a2977adb8bc4b1db116c725d661160c930d3a1 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3561 – Cross-site Scripting (XSS) - Generic in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-3561
20 Nov 2022 — Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0. Cross-site Scripting (XSS) - Genérico en librenms/librenms del repositorio de GitHub anteriores a 22.10.0. • https://github.com/librenms/librenms/commit/d86cbcd96d684e4de8dfa50b4490e4e02782d242 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3516 – Cross-site Scripting (XSS) - Stored in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-3516
20 Nov 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. Cross-Site Scripting (XSS) - Stored en el repositorio de GitHub librenms/librenms anterior a 22.10.0. • https://github.com/librenms/librenms/commit/8e85698aa3aa4884c2f3d6c987542477eb64f07c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-4070 – Insufficient Session Expiration in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-4070
20 Nov 2022 — Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0. Caducidad de Sesión Insuficiente en librenms/librenms del repositorio de GitHub anteriores a 22.10.0. • https://github.com/librenms/librenms/commit/ce8e5f3d056829bfa7a845f9dc2757e21e419ddc • CWE-613: Insufficient Session Expiration •
CVSS: 5.5EPSS: 90%CPEs: 1EXPL: 0CVE-2022-4067 – Cross-site Scripting (XSS) - Stored in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-4067
20 Nov 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0. Cross-Site Scripting (XSS) - Stored en librenms/librenms del repositorio de GitHub antes de 22.10.0. • https://github.com/librenms/librenms/commit/8e85698aa3aa4884c2f3d6c987542477eb64f07c • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.0EPSS: 0%CPEs: 1EXPL: 0CVE-2022-3525 – Deserialization of Untrusted Data in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-3525
20 Nov 2022 — Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0. Deserialización de Datos que no son de confianza en librenms/librenms del repositorio de GitHub anteriores a 22.10.0. • https://github.com/librenms/librenms/commit/ae3925b09ad3c5d0f7a9d5a26ae2f2f778834948 • CWE-502: Deserialization of Untrusted Data •
CVSS: 5.6EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3231 – Cross-site Scripting (XSS) - Stored in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-3231
17 Sep 2022 — Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub librenms/librenms versiones anteriores a 22.9.0 • https://github.com/librenms/librenms/commit/08050020861230ff96a6507b309cc172a9e70af8 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •