CVE-2024-49764 | LibreNMS up to 24.10.0 Capture Debug Information Page hostname cross site scripting

Posted by Angelo Barbosa | Nov 15, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in LibreNMS up to 24.10.0. Affected by this issue is some unknown functionality of the component Capture Debug Information Page. The manipulation of the argument hostname leads to cross site scripting.

This vulnerability is handled as CVE-2024-49764. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49764 | LibreNMS up to 24.10.0 Capture Debug Information Page hostname cross site scripting

Related Posts

CVE-2023-5398 | Honeywell Experion Server heap-based overflow

CVE-2024-43161 | Averta Depicter Slider Plugin up to 3.1.2 on WordPress cross site scripting

CVE-2024-37985 | ARM CPU information disclosure

CVE-2024-28136 | Phoenix Contact CHARX SEC-3150 up to 1.5.1 OCPP Remote Service command injection (VDE-2024-019)