3 matches found
CVE-2024-49758
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This...
CVE-2024-49758
CVE-2024-49758 affects LibreNMS (PHP/MySQL/SNMP). It is a stored XSS vulnerability where an Admin can inject JavaScript into a device’s Notes via the ExamplePlugin, which is triggered when the plugin is enabled. The issue stems from insufficient input sanitization and is mitigated by upgrading to...
CVE-2024-49758 LibreNMS has a stored XSS in ExamplePlugin with Device's Notes
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This...