Librenms: >> Librenms Security Vulnerabilities
Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.
CVSS Score
7.6
EPSS Score
0.825
Published
2023-08-15
A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to execute arbitrary JavaScript in the context of an admin's account.
CVSS Score
7.6
EPSS Score
0.424
Published
2022-11-20
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.
CVSS Score
3.4
EPSS Score
0.902
Published
2022-11-20
Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.
CVSS Score
2.7
EPSS Score
0.0
Published
2022-11-20
Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.
CVSS Score
9.0
EPSS Score
0.0
Published
2022-11-20
Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-11-20
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
CVSS Score
4.3
EPSS Score
0.891
Published
2022-11-20
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
CVSS Score
3.4
EPSS Score
0.901
Published
2022-11-20
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.
CVSS Score
5.7
EPSS Score
0.0
Published
2022-11-20
Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0.
CVSS Score
5.6
EPSS Score
0.001
Published
2022-09-17