CVE-2023-4981

Description

Cross-site Scripting (XSS) - DOM in GitHub repository librenms/librenms prior to 23.9.0.

How to fix CVE-2023-4981

To remediate CVE-2023-4981, upgrade the affected package to a fixed version below.

• Packagist/librenms/librenms—upgrade to 23.9.0 or later

Is CVE-2023-4981 being exploited?

Low — EPSS is 0.1%, meaning exploitation activity has not been observed at scale.

Affected packages (1)

• from 0, < 23.9.0

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2023-4981
• PATCHgithub.com/librenms/librenms
• WEBgithub.com/librenms/librenms/commit/03c4da62c8acde0a82acbb4a445ae866ebfdd3f7
• WEBhuntr.dev/bounties/1f014494-49a9-4bf0-8d43-a675498b9609