CVE-2022-36746
https://notcve.org/view.php?id=CVE-2022-36746
LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component oxidized-cfg-check.inc.php. Se ha detectado que LibreNMS versión v22.6.0, contiene una vulnerabilidad de tipo cross-site scripting por medio del componente oxidized-cfg-check.inc.php • https://github.com/librenms/librenms/pull/14126 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-29712
https://notcve.org/view.php?id=CVE-2022-29712
LibreNMS v22.3.0 was discovered to contain multiple command injection vulnerabilities via the service_ip, hostname, and service_param parameters. Se ha detectado que LibreNMS versión v22.3.0, contiene múltiples vulnerabilidades de inyección de comandos por medio de los parámetros service_ip, hostname y service_param • https://github.com/librenms/librenms/pull/13932 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2022-29711
https://notcve.org/view.php?id=CVE-2022-29711
LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php. Se ha detectado que LibreNMS versión v22.3.0, contenía una vulnerabilidad de tipo cross-site scripting (XSS) por medio del componente /Table/GraylogController.php • https://github.com/librenms/librenms/commit/cc6112b8fb36039b862b42d86eb79ef7ee89d31b https://github.com/librenms/librenms/pull/13931 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-0772 – Cross-site Scripting (XSS) - Stored in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-0772
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en el repositorio de GitHub librenms/librenms versiones anteriores a 22.2.2. • https://github.com/librenms/librenms/commit/703745d0ed3948623153117d761ce48514e2f281 https://huntr.dev/bounties/faae29bd-c43a-468d-8af6-2b6aa4d40f09 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-0589 – Cross-site Scripting (XSS) - Stored in librenms/librenms
https://notcve.org/view.php?id=CVE-2022-0589
Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0. Una vulnerabilidad de tipo Cross-site Scripting (XSS) - Almacenado en Packagist librenms/librenms versiones anteriores a 22.1.0 • https://github.com/librenms/librenms/commit/4c9d4eefd8064a0285f9718ef38f5617d7f9d6fa https://huntr.dev/bounties/d943d95c-076f-441a-ab21-cbf6b15f6768 https://notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •