Lucene search
Veracode Vulnerability DatabaseVERACODE:34226HistoryFeb 15, 2022 - 6:22 a.m.
Cross-site Scripting (XSS)
2022-02-1506:22:07
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
0.001 Low
EPSS
Percentile
34.3%
librenms/librenms is vulnerable to cross-site scripting(XSS) attacks. The vulnerability exists due to the lack of sanitization in the Transport name field in the alert-transports.inc.php file allowing an attacker to inject and execute malicious javascript through the alerts module.
| CPE | Name | Operator | Version |
|---|---|---|---|
| librenms/librenms | le | 22.1.0 | |
| librenms/librenms | le | 22.1.0 |
References
github.com/advisories/GHSA-rp34-85x3-3764
github.com/librenms/librenms/commit/135717a9a05c5bf8921f1389cbb469dcbf300bfd
github.com/librenms/librenms/pull/13775
huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177
huntr.dev/bounties/114ba055-a2f0-4db9-aafb-95df944ba177/
notes.netbytesec.com/2022/02/multiple-vulnerabilities-in-librenms.html
Related
osv
osv
Cross-site Scripting in librenms
2022-02-15 00:02:47
CVE-2022-0576
2022-02-14 12:15:23
nvd
nvd
CVE-2022-0576
2022-02-14 12:15:23
cve
cve
CVE-2022-0576
2022-02-14 12:15:23
huntr
huntr
Cross-site Scripting (XSS) - Generic in librenms/librenms
2022-02-12 21:28:19
github
github
Cross-site Scripting in librenms
2022-02-15 00:02:47
prion
prion
Cross site scripting
2022-02-14 12:15:00
cvelist
cvelist
CVE-2022-0576 Cross-site Scripting (XSS) - Generic in librenms/librenms
2022-02-13 23:40:09