CVSS 3.1 Score 6.1 of 10 (medium)


Published Sep 15, 2023
Updated: Sep 20, 2023


CVE-2023-4978 is a Cross-Site Scripting (XSS) vulnerability that affects the GitHub repository librenms/librenms prior to version 23.9.0. The vulnerability impacts various products, including bQedZ_, ZncGpw, ZncGpm, and kfmeCA, among others. To remediate this issue, organizations should update their librenms/librenms installation to version 23.9.0 or later. This XSS vulnerability poses a medium risk with a base score of 6.1 according to and requires user interaction for exploitation. It has low integrity and confidentiality impacts but does not affect availability. The CWE ID associated with this vulnerability is CWE-79 (Improper Neutralization of Input During Web Page Generation).

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-4978 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options