3 matches found
CVE-2024-50352
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Services" section of the Device Overview page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when adding a service to a devic...
CVE-2024-50352
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Services" section of the Device Overview page allows authenticated users to inject arbitrary JavaScript through the "name" parameter when adding a service to a devic...
CVE-2024-50352
CVE-2024-50352 affects LibreNMS (librenms/includes/html/pages/device/overview/services.inc.php). A stored XSS vulnerability allows authenticated users to inject JavaScript via the name field when adding a service to a device, potentially executing in other users’ sessions. The issue is mitigated ...