EUVD-2021-29811

Malicious code in bioql PyPI...

Cross-site Scripting (XSS)

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the metric parameter in wireless.inc.php and health.inc.php. Details Cross-site scriptin...

LibreNMS 跨站脚本漏洞

LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments, and automatic updates. LibreNMS suffers from a cross-site scripting vulnerability that stems from a reflected...

PT-2024-34660 · Librenms · Librenms

Name of the Vulnerable Software and Affected Versions: LibreNMS versions prior to 24.10.0 Description: A Reflected Cross-Site Scripting XSS vulnerability in the metric parameter of the "/wireless" and "/health" endpoints allows attackers to inject arbitrary JavaScript, potentially compromising a...

CVE-2021-42856

It was discovered that the /DsaDataTest endpoint is susceptible to Cross-site scripting XSS attack. It was noted that the Metric parameter does not have any input checks on the user input that allows an attacker to craft its own malicious payload to trigger a XSS vulnerability...