Cross-site Scripting (XSS)

Overview librenms/librenms is a fully featured network monitoring system that provides a wealth of features and device support. Affected versions of this package are vulnerable to Cross-site Scripting XSS via the reportthis function due to improper filtering of user-supplied input in the...

CVE-2025-62365

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to 25.7.0, there is a reflected-XSS in reportthis function in librenms/includes/functions.php. The reportthis function had improper filtering htmlentities function was incorrectly use in a href environment, which...

GHSA-86RG-8HC8-V82P LibreNMS is vulnerable to Reflected-XSS in `report_this` function

Summary Reflected-XSS in reportthis function in librenms/includes/functions.php Details Recently, it was discovered that the reportthis function had improper filtering htmlentities function was incorrectly used in a href environment, which caused the projectissues parameter to trigger an XSS...

CVE-2025-62365 LibreNMS vulnerable to Reflected-XSS in `report_this` function

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to 25.7.0, there is a reflected-XSS in reportthis function in librenms/includes/functions.php. The reportthis function had improper filtering htmlentities function was incorrectly use in a href environment, which...