Overview
- Description
- LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the "metric" parameter of the "/wireless" and "/health" endpoints allows attackers to inject arbitrary JavaScript. This vulnerability results in the execution of malicious code when a user accesses the page with a malicious "metric" parameter, potentially compromising their session and allowing unauthorized actions. This vulnerability is fixed in 24.10.0.
- Source
- security-advisories@github.com
- NVD status
- Received
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 4.8
- Impact score
- 2.7
- Exploitability score
- 1.7
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
- Severity
- MEDIUM
Weaknesses
- security-advisories@github.com
- CWE-79
Social media
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
CVE-2024-51496 Reflected XSS Vulnerability in LibreNMS "Metric" Parameter Pre-24.10.0 LibreNMS, a tool for monitoring networks, has a security problem called Reflected Cross-Site Scripting (XSS). This issue is in... https://t.co/wMXBxfw777
@VulmonFeeds
15 Nov 2024
1 Impression
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-51496 LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Reflected Cross-Site Scripting (XSS) vulnerability in the "metric" parameter of the "/wi… https://t.co/7wRFWA6SlZ
@CVEnew
15 Nov 2024
228 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes