CVE-2023-4982

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Sep 15, 2023
Updated: Sep 20, 2023
CWE ID 352

Summary

CVE-2023-4982 is a newly identified Cross-Site Scripting (XSS) vulnerability. This issue affected the librenms GitHub repository prior to version 23.9.0. An attacker could exploit this stored XSS flaw by injecting malicious scripts into specifically crafted data, which would then be executed in the context of the affected website. Successful exploitation could lead to unauthorized access or data theft, posing a significant risk to users. It is highly recommended that affected users upgrade to the latest version of librenms to mitigate this vulnerability.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share