Librenms: >> Librenms >> 1.20.1 Security Vulnerabilities
SQL Injection in GitHub repository librenms/librenms prior to 23.10.0.
CVSS Score
7.8
EPSS Score
0.001
Published
2023-10-16
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1.
CVSS Score
8.4
EPSS Score
0.0
Published
2023-09-19
Code Injection in GitHub repository librenms/librenms prior to 23.9.0.
CVSS Score
7.3
EPSS Score
0.001
Published
2023-09-15
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.
CVSS Score
9.0
EPSS Score
0.0
Published
2023-09-15
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-09-15
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-09-15
Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.
CVSS Score
8.8
EPSS Score
0.001
Published
2023-09-15
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0.
CVSS Score
9.8
EPSS Score
0.0
Published
2023-09-15
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.
CVSS Score
7.6
EPSS Score
0.825
Published
2023-08-15
A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to execute arbitrary JavaScript in the context of an admin's account.
CVSS Score
7.6
EPSS Score
0.424
Published
2022-11-20