2 matches found
CVE-2018-18478
LibreNMS before version 1.44 is vulnerable to a persistent XSS via the dashboard_name parameter in ajax_form.php, related to html/includes/forms/add-dashboard.inc.php, delete-dashboard.inc.php, and edit-dashboard.inc.php. An attacker could inject arbitrary web script/HTML that may be executed in ...
CVE-2018-18478
Persistent Cross-Site Scripting XSS issues in LibreNMS before 1.44 allow remote attackers to inject arbitrary web script or HTML via the dashboardname parameter in the /ajaxform.php resource, related to html/includes/forms/add-dashboard.inc.php, html/includes/forms/delete-dashboard.inc.php, and...