Lucene search
K

18 matches found

CNVD
CNVD
added 2025/10/21 12:0 a.m.4 views

LibreNMS Cross-Site Scripting Vulnerability

LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of the network environment and automatic updates. A cross-site scripting vulnerability exists in LibreNMS that stems from insufficient...

5.5CVSS6.1AI score0.11639EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/10/17 6:44 p.m.15 views

CVE-2025-62411

LibreNMS is a community-based GPL-licensed network monitoring system. LibreNMS = 25.8.0 contains a Stored Cross-Site Scripting XSS vulnerability in the Alert Transports management functionality. When an administrator creates a new Alert Transport, the value of the Transport name field is stored a...

5.5CVSS5.5AI score0.11639EPSS
Exploits1References1
NVD
NVD
added 2025/10/16 6:15 p.m.14 views

CVE-2025-62411

LibreNMS is a community-based GPL-licensed network monitoring system. LibreNMS = 25.8.0 contains a Stored Cross-Site Scripting XSS vulnerability in the Alert Transports management functionality. When an administrator creates a new Alert Transport, the value of the Transport name field is stored a...

5.5CVSS0.11639EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/10/16 5:50 p.m.1 views

CVE-2025-62411 Stored XSS in Alert Transport name field in LibreNMS

LibreNMS is a community-based GPL-licensed network monitoring system. LibreNMS = 25.8.0 contains a Stored Cross-Site Scripting XSS vulnerability in the Alert Transports management functionality. When an administrator creates a new Alert Transport, the value of the Transport name field is stored a...

5.5CVSS5.1AI score0.11639EPSS
Exploits1References2
CVE
CVE
added 2025/10/16 5:50 p.m.12 views

CVE-2025-62411

LibreNMS

5.5CVSS5.1AI score0.11639EPSS
Exploits1References2Affected Software1
Github Security Blog
Github Security Blog
added 2025/10/16 4:52 p.m.10 views

LibreNMS has a Stored XSS vulnerability in its Alert Transport name field

Summary LibreNMS Impact Only accounts with the admin rol...

5.5CVSS6.2AI score0.11639EPSS
Exploits1References6Affected Software1
OSV
OSV
added 2025/10/16 4:52 p.m.4 views

GHSA-FRC6-PWGR-C28W LibreNMS has a Stored XSS vulnerability in its Alert Transport name field

Summary LibreNMS Impact Only accounts with the admin rol...

5.5CVSS6.2AI score0.11639EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.4 views

LibreNMS 安全漏洞

LibreNMS is an open source network monitoring system based on PHP and MySQL from the LibreNMS community. The system features customizable alerts, auto-discovery of the network environment and automatic updates. A cross-site scripting vulnerability exists in LibreNMS that stems from insufficient...

5.5CVSS6AI score0.11639EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/02/05 8:30 a.m.7 views

CVE-2024-47523

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Alert Transports" feature allows authenticated users to inject arbitrary JavaScript through the "Details" section which contains multiple fields depending on which...

7.5CVSS6.2AI score0.00585EPSS
Exploits1
BDU FSTEC
BDU FSTEC
added 2024/11/14 12:0 a.m.5 views

The vulnerability of the Alert Transports function in the LibreNMS network monitoring system allows a intruder to perform cross-site scripting attacks.

The vulnerability of the Alert Transports function in the LibreNMS network monitoring system is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

8CVSS5.2AI score0.00585EPSS
Exploits1References3Affected Software1
Veracode
Veracode
added 2024/10/04 4:44 a.m.8 views

Cross Site Scripting(XSS)

librenms/librenms is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient validation and sanitization of user input in the "Alert Transports" feature, specifically in the "Details" section, which allows authenticated users to inject arbitrary JavaScript code executable...

7.5CVSS6.1AI score0.00585EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2024/10/01 8:31 p.m.19 views

CVE-2024-47523 LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Alert Transports" feature allows authenticated users to inject arbitrary JavaScript through the "Details" section which contains multiple fields depending on which...

7.5CVSS0.00585EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/10/01 8:31 p.m.12 views

CVE-2024-47523 LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Alert Transports" feature allows authenticated users to inject arbitrary JavaScript through the "Details" section which contains multiple fields depending on which...

7.5CVSS5.5AI score0.00585EPSS
Exploits1References3
CVE
CVE
added 2024/10/01 8:31 p.m.49 views

CVE-2024-47523

LibreNMS (PHP/MySQL/SNMP-based) has a Stored Cross-Site Scripting (XSS) vulnerability in the Alert Transports Details field. The root cause is insufficient sanitization of user input in the Details section, allowing an attacker to inject JavaScript that executes in other users’ sessions. This aff...

7.5CVSS5.7AI score0.00585EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2024/10/01 8:31 p.m.15 views

CVE-2024-47523 LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Alert Transports" feature allows authenticated users to inject arbitrary JavaScript through the "Details" section which contains multiple fields depending on which...

7.5CVSS5.4AI score0.00585EPSS
Exploits1References5
OSV
OSV
added 2024/10/01 8:31 p.m.11 views

GHSA-7F84-28QH-9486 LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature

Summary A Stored Cross-Site Scripting XSS vulnerability in the "Alert Transports" feature allows authenticated users to inject arbitrary JavaScript through the "Details" section which contains multiple fields depending on which transport is selected at that moment. This vulnerability can lead to...

7.5CVSS5.8AI score0.00585EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2024/10/01 8:31 p.m.24 views

LibreNMS has Stored Cross-site Scripting vulnerability in "Alert Transports" feature

Summary A Stored Cross-Site Scripting XSS vulnerability in the "Alert Transports" feature allows authenticated users to inject arbitrary JavaScript through the "Details" section which contains multiple fields depending on which transport is selected at that moment. This vulnerability can lead to...

7.5CVSS5.5AI score0.00585EPSS
Exploits1References5Affected Software1
Veracode
Veracode
added 2022/02/15 6:22 a.m.21 views

Cross-site Scripting (XSS)

librenms/librenms is vulnerable to cross-site scriptingXSS attacks. The vulnerability exists due to the lack of sanitization in the Transport name field in the alert-transports.inc.php file allowing an attacker to inject and execute malicious javascript through the alerts module...

6.1CVSS3AI score0.00998EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder