CVE-2023-4982

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 15, 2023

Updated: Sep 20, 2023

CWE ID 352

Summary

CVE-2023-4982 is a newly identified Cross-Site Scripting (XSS) vulnerability. This issue affected the librenms GitHub repository prior to version 23.9.0. An attacker could exploit this stored XSS flaw by injecting malicious scripts into specifically crafted data, which would then be executed in the context of the affected website. Successful exploitation could lead to unauthorized access or data theft, posing a significant risk to users. It is highly recommended that affected users upgrade to the latest version of librenms to mitigate this vulnerability.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/toP72d
https://www.cve.org/CVERecord?id=CVE-2023-4982
https://nvd.nist.gov/vuln/detail/CVE-2023-4982

Back to Vulnerability Database

CVE-2023-4982

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations