GSA_kwCzR0hTQS1qcDNjLWc0NnYtamcyY84AA14w

Moderate EPSS: 0.00051% (0.15494 Percentile) EPSS:

Permalink JSON

LibreNMS Cross-site Scripting vulnerability

Affected Packages	Affected Versions	Fixed Versions
packagist:librenms/librenms	< 23.9.0	23.9.0
1 Dependent packages 2 Dependent repositories 51,127 Downloads total Affected Version Ranges All affected versions 1.20.1, 1.22.1, 1.30.1, 1.31.1, 1.31.2, 1.31.3, 1.32.1, 1.33.1, 1.36.1, 1.42.1, 1.48.1, 1.50.1, 1.53.1, 1.58.1, 1.62.1, 1.62.2, 1.64.1, 1.65.1, 1.70.0, 1.70.1, 21.1.0, 21.2.0, 21.3.0, 21.4.0, 21.5.0, 21.5.1, 21.6.0, 21.7.0, 21.8.0, 21.9.0, 21.9.1, 21.10.0, 21.10.1, 21.10.2, 21.11.0, 21.12.0, 21.12.1, 22.1.0, 22.2.0, 22.2.1, 22.2.2, 22.3.0, 22.4.0, 22.4.1, 22.5.0, 22.6.0, 22.7.0, 22.8.0, 22.9.0, 22.10.0, 22.11.0, 22.12.0, 23.1.0, 23.1.1, 23.2.0, 23.4.0, 23.4.1, 23.5.0, 23.6.0, 23.7.0, 23.8.0, 23.8.1, 23.8.2 All unaffected versions 23.9.0, 23.9.1, 23.10.0, 23.11.0, 24.1.0, 24.2.0, 24.3.0, 24.4.0, 24.4.1, 24.5.0, 24.6.0, 24.7.0, 24.8.0, 24.8.1, 24.9.0, 24.9.1, 24.10.0, 24.10.1, 24.11.0, 24.12.0, 25.1.0, 25.2.0, 25.3.0, 25.4.0, 25.5.0, 25.6.0, 25.7.0, 25.8.0

Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0.

References:

Identifiers

GHSA-jp3c-g46v-jg2c

CVE-2023-4979

Risk

Severity

Moderate

EPSS

EPSS Percentage: 0.00051

EPSS Percentile: 0.15494

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/librenms/librenms

Date and time

Published

almost 2 years ago

Updated

almost 2 years ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories