Description:
A stored cross-site scripting (XSS) vulnerability in the "display" parameter of /device/$DEVICE_ID/edit (replace $DEVICE_ID with the ID of the target device) in LibreNMS version 24.11.0 (https://github.com/librenms/librenms) allows remote attackers to inject malicious scripts. The value submitted in this parameter is stored as the device's display name and later rendered without escaping, so when a user views or interacts with a page that displays it, the injected script executes in that user's browser, leading to potential unauthorized actions or data exposure. As the proof of concept below shows, the attacker needs an account that can add or edit devices; the victim is any user who subsequently views the affected page.
Proof of Concept:
1. Add a new device through the LibreNMS interface.
2. Edit the newly created device by going to the "Device Settings" section.
3. In the "Display Name" field, enter the following payload (the leading "> closes the HTML attribute the name is later rendered into, so the <img> that follows is parsed as a real element): "><img src onerror="alert(document.cookie)">
4. Save the changes.
5. The XSS payload is triggered when navigating to /device/$DEVICE_ID/logs and hovering over an entry type that contains a tag (such as Core 1 in the screenshot). The display name is inserted there unescaped, so the injected <img> element is parsed and its onerror handler runs, displaying document.cookie.
Impact:
Execution of attacker-controlled JavaScript in the browser of any user who views or interacts with the affected page, with the victim's session; the PoC demonstrates this by reading document.cookie.
{
"severity": "MODERATE",
"nvd_published_at": "2025-01-16T23:15:07Z",
"github_reviewed": true,
"github_reviewed_at": "2025-01-16T17:18:32Z",
"cwe_ids": [
"CWE-79"
]
}