Severity: medium (5.4)

First published: Fri Sep 15 2023

Last modified: Wed Sep 20 2023

CWE: 79

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0.

Any of

  • composer/librenms/librenms
    fixed in: 23.9.0


  • What is the severity of GHSA-m6jj-fgmh-3p8r?

    The severity of GHSA-m6jj-fgmh-3p8r is medium.

  • How does GHSA-m6jj-fgmh-3p8r affect the affected software?

    GHSA-m6jj-fgmh-3p8r affects the software version prior to 23.9.0 of the GitHub repository librenms/librenms.

  • What is the Common Weakness Enumeration (CWE) ID for GHSA-m6jj-fgmh-3p8r?

    The Common Weakness Enumeration (CWE) ID for GHSA-m6jj-fgmh-3p8r is CWE-79.

  • How can I fix GHSA-m6jj-fgmh-3p8r?

    To fix GHSA-m6jj-fgmh-3p8r, update the software version to 23.9.0 or later in the GitHub repository librenms/librenms.

  • Where can I find more information about GHSA-m6jj-fgmh-3p8r?

    You can find more information about GHSA-m6jj-fgmh-3p8r in the following references: [NVD](https://nvd.nist.gov/vuln/detail/CVE-2023-4982), [GitHub Commit](https://github.com/librenms/librenms/commit/2c5960631c49f7414f61b6d4dcd305b07da05769), [Huntr Bounty](https://huntr.dev/bounties/d3c2dd8a-883c-400e-a1a7-326c3fd37b9e).

SecAlerts Pty Ltd.
Fortitude Valley,
QLD 4006, Australia
© Copyright 2023 - ABN: 70 645 966 203, ACN: 645 966 203