CVE-2019-15230: XSS
First published: Wed Aug 28 2019(Updated: )
LibreNMS v1.54 has XSS in the Create User, Inventory, Add Device, Notifications, Alert Rule, Create Maintenance, and Alert Template sections of the admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Librenms Librenms | =1.54 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2019-15230?
CVE-2019-15230 is a vulnerability in LibreNMS v1.54 that allows for XSS attacks in various sections of the admin console.
How severe is CVE-2019-15230?
CVE-2019-15230 has a severity level of medium with a CVSS score of 5.4.
What is the impact of CVE-2019-15230?
CVE-2019-15230 could lead to cookie stealing and other malicious actions if exploited with an authenticated account.
How can I fix CVE-2019-15230?
To fix CVE-2019-15230, users should update to a version of LibreNMS that is not affected by this vulnerability.
Where can I find more information about CVE-2019-15230?
More information about CVE-2019-15230 can be found at a trusted source such as the following: [https://www.sevenlayers.com/index.php/239-librenms-v1-54-xss](https://www.sevenlayers.com/index.php/239-librenms-v1-54-xss)
- collector/nvd-index
- vendor/librenms
- canonical/librenms librenms
- version/librenms librenms/1.54