16 matches found
EUVD-2025-25142
Malicious code in bioql PyPI...
Cross-site Scripting (XSS)
librenms/librenms is vulnerable to stored cross-site scripting XSS. The vulnerability is due to malicious JavaScript being allowed in the Alert Template creation feature, which executes when the template is rendered...
CVE-2025-55296
librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS = 25.6.0 in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template...
LibreNMS allows stored XSS in Alert Template name field
Summary A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS alertdocument.cookie/script and filling the other fields with arbitrary content e.g., test, once the template is saved, the script is executed. This confirms that user input is stored and later rendered without proper outp...
GHSA-VXQ6-8CWM-WJ99 LibreNMS allows stored XSS in Alert Template name field
Summary A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS alertdocument.cookie/script and filling the other fields with arbitrary content e.g., test, once the template is saved, the script is executed. This confirms that user input is stored and later rendered without proper outp...
CVE-2025-55296
librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS = 25.6.0 in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template...
Cross-site Scripting (XSS)
Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Alert Template name field. An attacker can execute arbitrary JavaScript in the conte...
CVE-2025-55296 LibreNMS allows stored XSS in Alert Template name field
librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS = 25.6.0 in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template...
CVE-2025-55296
LibreNMS (LibreNMS) has a stored XSS in the Alert Template name field affecting versions up to and including 25.6.0. The vulnerability requires an admin to inject JavaScript that executes when the template renders, potentially compromising other admin accounts. Remediation is to upgrade to versio...
CVE-2025-55296 LibreNMS allows stored XSS in Alert Template name field
librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS = 25.6.0 in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template...
CVE-2025-55296 LibreNMS allows stored XSS in Alert Template name field
librenms is a community-based GPL-licensed network monitoring system. A stored Cross-Site Scripting XSS vulnerability exists in LibreNMS = 25.6.0 in the Alert Template creation feature. This allows a user with the admin role to inject malicious JavaScript, which will be executed when the template...
LibreNMS 跨站脚本漏洞
LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments, and automatic updates. A cross-site scripting vulnerability exists in LibreNMS 25.6.0 and earlier versions, whi...
PT-2025-33678 · Librenms · Librenms
Name of the Vulnerable Software and Affected Versions: librenms versions prior to 25.8.0 Description: A stored Cross-Site Scripting XSS issue exists in LibreNMS in the Alert Template creation feature. This allows a user with admin privileges to inject malicious JavaScript, which will be executed...
CVE-2024-47526 LibreNMS has a Self-XSS ('Cross-site Scripting') in librenms/includes/html/modal/alert_template.inc.php
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting Self-XSS vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not...
LibreNMS 跨站脚本漏洞
LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of network environments, and automatic updates. A cross-site scripting vulnerability exists in LibreNMS version 24.7.0 and prior version...
LibreNMS Cross-Site Scripting Vulnerability
LibreNMS is an open source network monitoring system based on PHP and MySQL. The system features customizable alerts , auto-discovery of the network environment and automatic updates . A cross-site scripting vulnerability exists in the Create User Inventory Add Device Notifications Alert Rule...