Version unspecified

CVE-2023-5591

SQL Injection in GitHub repository librenms/librenms prior to 23.10.0.

HIGH CVSS 7.8 Published Oct 16, 2023

CVE-2023-5060

Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.1.

HIGH CVSS 8.4 Published Sep 19, 2023

CVE-2023-4982

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 23.9.0.

CRITICAL CVSS 9.8 Published Sep 15, 2023

CVE-2023-4981

Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.

HIGH CVSS 8.8 Published Sep 15, 2023

CVE-2023-4980

Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 23.9.0.

HIGH CVSS 8.8 Published Sep 15, 2023

CVE-2023-4978

Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.

CRITICAL CVSS 9.0 Published Sep 15, 2023

CVE-2023-4979

Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.9.0.

HIGH CVSS 8.8 Published Sep 15, 2023

CVE-2023-4977

Code Injection in GitHub repository librenms/librenms prior to 23.9.0.

HIGH CVSS 7.3 Published Sep 15, 2023

CVE-2023-4347

Cross-site Scripting (XSS) - Reflected in GitHub repository librenms/librenms prior to 23.8.0.

HIGH CVSS 7.6 Published Aug 15, 2023

CVE-2022-4067

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.

LOW CVSS 3.4 Published Nov 20, 2022

CVE-2022-4068

A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker with a low privilege user to execute arbitrary JavaScript in the context of an admin's account.

HIGH CVSS 7.6 Published Nov 20, 2022

CVE-2022-4070

Insufficient Session Expiration in GitHub repository librenms/librenms prior to 22.10.0.

LOW CVSS 2.7 Published Nov 20, 2022

CVE-2022-4069

Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.

LOW CVSS 3.4 Published Nov 20, 2022

CVE-2022-3561

Cross-site Scripting (XSS) - Generic in GitHub repository librenms/librenms prior to 22.10.0.

MEDIUM CVSS 4.3 Published Nov 20, 2022

CVE-2022-3516

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.

MEDIUM CVSS 5.7 Published Nov 20, 2022

CVE-2022-3562

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.10.0.

MEDIUM CVSS 4.3 Published Nov 20, 2022

CVE-2022-3525

Deserialization of Untrusted Data in GitHub repository librenms/librenms prior to 22.10.0.

CRITICAL CVSS 9.0 Published Nov 20, 2022

CVE-2022-3231

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.9.0.

MEDIUM CVSS 5.6 Published Sep 17, 2022

CVE-2022-0772

Cross-site Scripting (XSS) - Stored in GitHub repository librenms/librenms prior to 22.2.2.

MEDIUM CVSS 4.7 Published Feb 27, 2022

CVE-2022-0589

Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.1.0.

MEDIUM CVSS 5.4 Published Feb 15, 2022

CVE-2022-0588

Missing Authorization in Packagist librenms/librenms prior to 22.2.0.

HIGH CVSS 7.1 Published Feb 15, 2022

CVE-2022-0587

Improper Authorization in Packagist librenms/librenms prior to 22.2.0.

HIGH CVSS 7.1 Published Feb 15, 2022

CVE-2022-0580

Incorrect Authorization in Packagist librenms/librenms prior to 22.2.0.

HIGH CVSS 7.1 Published Feb 14, 2022

CVE-2022-0575

Cross-site Scripting (XSS) - Stored in Packagist librenms/librenms prior to 22.2.0.

MEDIUM CVSS 5.4 Published Feb 13, 2022

CVE-2022-0576

Cross-site Scripting (XSS) - Generic in Packagist librenms/librenms prior to 22.1.0.

MEDIUM CVSS 5.4 Published Feb 13, 2022