First published: Fri Nov 17 2023(Updated: )
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring which includes support for a wide range of network hardware and operating systems. Affected versions are subject to a cross site scripting (XSS) vulnerability in the device group popups. This issue has been addressed in commit `faf66035ea` which has been included in release version 23.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
Credit: email@example.com firstname.lastname@example.org
|Affected Software||Affected Version||How to fix|
The vulnerability ID for this issue is CVE-2023-48295.
The severity of CVE-2023-48295 is medium with a CVSS score of 6.3.
The affected software for CVE-2023-48295 is LibreNMS version up to and exclusive of 23.11.0.
To fix CVE-2023-48295, upgrade LibreNMS to version 23.11.0 or above.