Stored Cross-Site Scripting (XSS) in librenms/librenms
Valid
Reported on
Sep 21st 2022
Description
There is insufficient input validation in the pop-up notifications.
Proof of Concept
Steps to reproduce:
1. Log in to an admin account
2. Click on Ports -> Manage Groups
3. Create a new Port Group with the Name `<script>alert(document.location)</script>` and an arbitrary Description
4. The XSS is triggered when the Port Group is deleted
This works analagously with Device Groups.
Impact
The impact is JavaScript Code Execution. An attack requires admin privileges, so the impact is limited.
We are processing your report and will contact the
librenms
team within 24 hours.
8 months ago
We have contacted a member of the
librenms
team and are waiting to hear back
8 months ago
We have sent a
follow up to the
librenms
team.
We will try again in 7 days.
8 months ago
We have sent a
second
follow up to the
librenms
team.
We will try again in 10 days.
7 months ago
We have sent a
third and final
follow up to the
librenms
team.
This report is now considered stale.
7 months ago
The researcher's credibility has increased: +7
The fix bounty has been dropped
This vulnerability has been assigned a CVE
PortGroupController.php#L113
has been validated
DeviceGroupController.php#L185
has been validated
to join this conversation