Severity: high (8.8)

First published: Fri Sep 15 2023

Last modified: Fri Sep 15 2023

CWE: 79

Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0.

Any of

  • composer/librenms/librenms
    fixed in: 23.9.0


  • What is the severity of GHSA-jp3c-g46v-jg2c?

    The severity of GHSA-jp3c-g46v-jg2c is high with a severity value of 8.8.

  • How does GHSA-jp3c-g46v-jg2c affect the software?

    GHSA-jp3c-g46v-jg2c affects the GitHub repository librenms/librenms prior to version 23.9.0 by allowing cross-site scripting (XSS) attacks.

  • How can I fix GHSA-jp3c-g46v-jg2c?

    To fix GHSA-jp3c-g46v-jg2c, update your librenms/librenms package to version 23.9.0 or later.

  • What is the Common Weakness Enumeration (CWE) ID for GHSA-jp3c-g46v-jg2c?

    The CVE ID for GHSA-jp3c-g46v-jg2c is CVE-2023-4979.

  • Where can I find more information about GHSA-jp3c-g46v-jg2c?

    You can find more information about GHSA-jp3c-g46v-jg2c at the following references: [NVD](https://nvd.nist.gov/vuln/detail/CVE-2023-4979), [GitHub Commit](https://github.com/librenms/librenms/commit/49d66fa31b43acef02eaa09ee9af15fe7e16cd03), [Huntr Bounty](https://huntr.dev/bounties/e67f8f5d-4048-404f-9b86-cb6b8719b77f).

SecAlerts Pty Ltd.
Fortitude Valley,
QLD 4006, Australia
© Copyright 2023 - ABN: 70 645 966 203, ACN: 645 966 203