2024-11-20
:
LibreNMS, an open-source network monitoring system, is vulnerable to stored XSS (Cross-Site Scripting) attacks. Attackers can inject malicious Javascript through the “name” parameter when adding a service, potentially compromising other users’ accounts. This issue is fixed in version 24.10.0.
Vulnerability Details:
Platform: LibreNMS
Version: All versions before 24.10.0
Vulnerability: Stored XSS
Severity: Critical
Date: November 15, 2024 (published)
What Undercode Says:
This critical vulnerability in LibreNMS allows attackers to inject malicious code and potentially compromise other user accounts. It’s crucial to upgrade to LibreNMS version 24.10.0 or later to mitigate this risk.
References:
Reported By: Nvd.nist.gov
Undercode AI: https://ai.undercodetesting.com
Image Source:
OpenAI: https://openai.com
Undercode AI DI v2: https://ai.undercode.help