Cross-site Scripting (XSS) - Stored in librenms/librenms

Valid

Reported on

Feb 13th 2022


Description

Stored XSS in create/modify Transport Groups, Add/Edit Service and Edit Service Template

Proof of Concept

Payload:

'><body onload=alert(/XSS/)>

~

PoC image:

Xss payload in create/modify Transport Groups

Xss payload in Add/Edit Service

Xss payload in Edit Service Template

~

XSS will fire-up by user visiting:

1 http://{HOST}/alert-transports

2 http://{HOST}/device/{id}/services

Impact

This vulnerability is capable of running malicious javascript code on web pages.

We are processing your report and will contact the librenms team within 24 hours. 3 months ago
Faisal Fs modified the report
3 months ago
Faisal Fs modified the report
3 months ago
Faisal Fs modified the report
3 months ago
Faisal Fs modified the report
3 months ago
Faisal Fs modified the report
3 months ago
Faisal Fs modified the report
3 months ago
Faisal Fs modified the report
3 months ago
We have contacted a member of the librenms team and are waiting to hear back 3 months ago
PipoCanaja validated this vulnerability 3 months ago
Faisal Fs has been awarded the disclosure bounty
The fix bounty is now up for grabs
PipoCanaja confirmed that a fix has been merged on 4c9d4e 3 months ago
PipoCanaja has been awarded the fix bounty
to join this conversation