4 matches found
CVE-2024-51497
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Custom OID" tab of a device allows authenticated users to inject arbitrary JavaScript through the "unit" parameter when creating a new OID. This vulnerability can le...
CVE-2024-51497 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Custom OID" tab of a device allows authenticated users to inject arbitrary JavaScript through the "unit" parameter when creating a new OID. This vulnerability can le...
CVE-2024-51497 LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting XSS vulnerability in the "Custom OID" tab of a device allows authenticated users to inject arbitrary JavaScript through the "unit" parameter when creating a new OID. This vulnerability can le...
CVE-2024-51497
LibreNMS is affected by a Stored XSS in the Custom OID tab, where an authenticated user can inject JavaScript via the unit parameter when creating a new OID. The vulnerability is due to improper sanitization in librenms/includes/html/print-customoid.php and is associated with the stored XSS paylo...