LibreNMS XSS Vulnerability
Moderate severity
GitHub Reviewed
Published
May 14, 2022
to the GitHub Advisory Database
•
Updated Jul 25, 2023
Description
Published by the National Vulnerability Database
Oct 18, 2018
Published to the GitHub Advisory Database
May 14, 2022
Reviewed
Jul 25, 2023
Last updated
Jul 25, 2023
Persistent Cross-Site Scripting (XSS) issues in LibreNMS before 1.44 allow remote attackers to inject arbitrary web script or HTML via the dashboard_name parameter in the /ajax_form.php resource, related to html/includes/forms/add-dashboard.inc.php, html/includes/forms/delete-dashboard.inc.php, and html/includes/forms/edit-dashboard.inc.php.
References