CVE-2023-4347

Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*

History

22 Aug 2023, 01:22

Type Values Removed Values Added
CPE cpe:2.3:a:librenms:librenms:*:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4
References (MISC) https://github.com/librenms/librenms/commit/91c57a1ee54631e071b6b0c952d99c8ee892e824 - (MISC) https://github.com/librenms/librenms/commit/91c57a1ee54631e071b6b0c952d99c8ee892e824 - Patch
References (MISC) https://huntr.dev/bounties/1f78c6e1-2923-46c5-9376-4cc5a8f1152f - (MISC) https://huntr.dev/bounties/1f78c6e1-2923-46c5-9376-4cc5a8f1152f - Exploit, Third Party Advisory

15 Aug 2023, 02:15

Type Values Removed Values Added
New CVE

Information

Published : 2023-08-15 02:15

Updated : 2024-02-05 00:01


NVD link : CVE-2023-4347

Mitre link : CVE-2023-4347

CVE.ORG link : CVE-2023-4347


JSON object : View

Products Affected

librenms

  • librenms
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')