Lucene search
K

10 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-3047

Malicious code in bioql PyPI...

3.5CVSS6.4AI score0.00442EPSS
Exploits1References6
RedhatCVE
RedhatCVE
added 2025/05/23 10:38 a.m.9 views

CVE-2024-47526

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting Self-XSS vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not...

3.5CVSS6.1AI score0.00442EPSS
Exploits1
Veracode
Veracode
added 2024/10/04 4:40 a.m.6 views

Cross Site Scripting(XSS)

librenms/librenms is vulnerable to Cross-Site Scripting Self-XSS. The vulnerability is due to a lack of proper input validation and sanitization in the "Alert Templates" feature of LibreNMS, allows users to inject arbitrary JavaScript into the alert template's name without any restrictions...

3.5CVSS6AI score0.00442EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2024/10/01 9:15 p.m.16 views

CVE-2024-47526

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting Self-XSS vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not...

3.5CVSS0.00442EPSS
Exploits1References4
Snyk
Snyk
added 2024/10/01 8:31 p.m.4 views

Cross-site Scripting (XSS)

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the name field in the "Alert Templates" feature. This is due to missing sanitization on...

4.6CVSS5.2AI score0.00442EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2024/10/01 8:31 p.m.15 views

LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Templates" feature

Summary A Self Cross-Site Scripting Self-XSS vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not persist after a page refresh. Details The vulnerability occurs when...

3.5CVSS6.1AI score0.00442EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2024/10/01 8:31 p.m.11 views

GHSA-GCGP-Q2JQ-FW52 LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Templates" feature

Summary A Self Cross-Site Scripting Self-XSS vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not persist after a page refresh. Details The vulnerability occurs when...

4.8CVSS3.8AI score0.00442EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2024/10/01 8:25 p.m.20 views

CVE-2024-47526 LibreNMS has a Self-XSS ('Cross-site Scripting') in librenms/includes/html/modal/alert_template.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting Self-XSS vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not...

3.5CVSS6.1AI score0.00442EPSS
Exploits1References4
CVE
CVE
added 2024/10/01 8:25 p.m.46 views

CVE-2024-47526

LibreNMS is affected by a Self-XSS in the Alert Templates feature. The vulnerability stems from insufficient sanitization of the template name before rendering in the UI, allowing arbitrary JavaScript to execute during template creation. The in-page script runs at submission time but does not per...

3.5CVSS3.6AI score0.00442EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2024/10/01 8:25 p.m.11 views

CVE-2024-47526 LibreNMS has a Self-XSS ('Cross-site Scripting') in librenms/includes/html/modal/alert_template.inc.php

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting Self-XSS vulnerability in the "Alert Templates" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not...

3.5CVSS6AI score0.00442EPSS
Exploits1References6
Rows per page
Query Builder