librenms/librenms is vulnerable to cross-site scripting. The library does not properly escape the user input strings in the $url
field in showconfig.inc.php
, allowing an attacker to inject and execute malicious javascript.
CPE | Name | Operator | Version |
---|---|---|---|
librenms/librenms | le | 21.11.0 | |
librenms/librenms | le | 21.11.0 |