Global infos:

LibreNMS v1.54 has XSS in the Create User, Inventory, Add Device, Notifications, Alert Rule, Create Maintenance, and Alert Template sections of the admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account.

CVE Status: Modified

References:

[email protected]

af854a3a-2127-422b-91ae-364da2661108

Metrics:

No CVSS data available

Links:

Exploit-db
Github