logo
Vulnerability feed
Contributors
About
Blog
CONTRIBUTE

Vulnerability

warn

CVE-2024-49759

Reference to the description:

https://nvd.nist.gov/vuln/detail/CVE-2024-49759

Description:
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the "Manage User Access" page allows authenticated users to inject arbitrary JavaScript through the "bill_name" parameter when creating a new bill. This vulnerability can lead to the execution of malicious code when visiting the "Bill Access" dropdown in the user's "Manage Access" page, potentially compromising user sessions and allowing unauthorized actions. This vulnerability is fixed in 24.10.0.
Last updated date:
11/20/2024
Type:
exploit
Confidence:
HIGH
Date of publishing:
11/20/2024
Reference url to background

https://github.com/librenms/librenms/security/advisories/GHSA-888j-pjqh-fx58

Vulnerability FeedContributorsAboutBlog

@inTheWild

©2025

Privacy Policy

This website uses cookies to enhance the user experience. Check out our privacy policy