CVE-2023-4978
CVSS 3.1 Score 9.1 of 10 (high)
Details
Published Sep 15, 2023
Updated: Sep 20, 2023
CWE ID 918
CWE ID 79
Summary
CVE-2023-4978 is a Cross-site Scripting (XSS) vulnerability affecting the GitHub repository librenms/librenms before version 23.9.0. An attacker can exploit this DOM-based XSS issue by injecting malicious scripts into web pages viewed by other users. Successful exploitation could lead to unauthorized access to user data or session hijacking. Users are advised to update their installations to the latest version to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share