CVE-2023-48295
CVSS V2 None
CVSS V3 None
Description
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. Affected versions are subject to a cross site scripting (XSS) vulnerability in the device group popups. This issue has been addressed in commit `faf66035ea` which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Overview
- CVE ID
- CVE-2023-48295
- Assigner
- GitHub_M
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-11-17T21:06:07.575Z
- Last Modified Date
- 2023-11-17T21:06:07.575Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://github.com/librenms/librenms/security/advisories/GHSA-8phr-637g-pxrg | x_refsource_CONFIRM |
https://github.com/librenms/librenms/commit/faf66035ea1f4c1c4f34559b9d0ed40ee4a19f90 | x_refsource_MISC |
https://github.com/librenms/librenms/blob/63eeeb71722237d1461a37bb6da99fda25e02c91/app/Http/Controllers/DeviceGroupController.php#L173C21-L173C21 | x_refsource_MISC |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-48295 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48295 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-25 00:06:28 | Added to TrackCVE |