CVE-2025-23200

Stored XSS-LibreNMS-Misc Section in librenms

CVSS 4.6 (MEDIUM) · EPSS 30.9% · CWE-79
In short

LibreNMS versions before 24.11.0 (that is, up to and including 24.10.1) contain a stored XSS vulnerability in the state parameter of ajax_form.php. An attacker can inject a script that is persisted by the application and executes when other users view the affected page, potentially allowing unauthorized actions in the victim's session or data theft.

Technical detail

Stored cross-site scripting (CWE-79) exists in the state parameter of ajax_form.php. An authenticated remote attacker with low privileges (the CVSS vector records PR:L and UI:R, so a valid account and a victim interaction are required) can submit a value that is stored unescaped and later rendered into a page. When another user views or interacts with the page containing the stored payload, the script executes in that user's browser context, potentially enabling session hijacking, credential theft, or unauthorized administrative actions performed with the victim's privileges. The issue is fixed in 24.11.0; no workaround is documented, so upgrading is the remediation.

Summary generated and translated by AI from the official description.
librenms is a community-based GPL-licensed network monitoring system. Affected versions are subject to a stored XSS on the parameter: `ajax_form.php` -> param: state. Librenms versions up to 24.10.1 allow remote attackers to inject malicious scripts. When a user views or interacts with the page displaying the data, the malicious script executes immediately, leading to potential unauthorized actions or data exposure. This issue has been addressed in release version 24.11.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
CVSS vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N
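The advisory does not show the vulnerable code, so the following is an added illustration (written for this page, not LibreNMS's own code) of the class of bug described above and of the two checks a practitioner would want: the difference between rendering a stored form value raw versus HTML-encoded, input allowlisting, and a version comparison against the 24.11.0 fix. The in-memory `store`, the attacker payload, the hidden-input rendering context and the `enabled`/`disabled` allowlist are all assumptions constructed for the demo; the page does not state what values LibreNMS actually accepts for `state`.

```javascript
// Added example, not LibreNMS code. Simulates a form handler that stores a
// `state` parameter and a page that later renders it, first unsafely, then
// with output encoding and input validation.

const store = new Map(); // stands in for the database row that is rendered later

// Constructed attacker input: a typical stored-XSS probe for an attribute context.
const PAYLOAD = '"><img src=x onerror=alert(document.cookie)>';

// --- Vulnerable path -------------------------------------------------------

// Persists whatever the client sent as `state`, unchanged.
function saveStateVulnerable(id, state) {
  store.set(id, state);
}

// Interpolates the stored value straight into HTML: the payload's closing quote
// and `>` terminate the attribute and a new <img> element is created.
function renderVulnerable(id) {
  return `<input type="hidden" name="state" value="${store.get(id)}">`;
}

// --- Mitigation 1: contextual output encoding ------------------------------

function htmlEncode(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Same template, but the stored value can no longer break out of the attribute.
function renderSafe(id) {
  return `<input type="hidden" name="state" value="${htmlEncode(store.get(id))}">`;
}

// --- Mitigation 2: validate on input ---------------------------------------

// Assumed allowlist for the demo; the real set of accepted values is not given.
const ALLOWED_STATES = new Set(['enabled', 'disabled']);

function saveStateSafe(id, state) {
  if (!ALLOWED_STATES.has(state)) {
    throw new Error(`rejected state value: ${JSON.stringify(state)}`);
  }
  store.set(id, state);
}

// Counts tag openers in the produced markup. The vulnerable renderer yields two
// (the <input> and the injected <img>); the safe one yields only the <input>.
function countTagOpeners(html) {
  return (html.match(/</g) || []).length;
}

// --- Affected-version check ------------------------------------------------

// Per the advisory, every release before 24.11.0 is affected.
const FIXED_VERSION = [24, 11, 0];

function isAffected(version) {
  const parts = String(version).split('.').map((p) => parseInt(p, 10) || 0);
  for (let i = 0; i < FIXED_VERSION.length; i++) {
    const v = parts[i] === undefined ? 0 : parts[i];
    if (v !== FIXED_VERSION[i]) return v < FIXED_VERSION[i];
  }
  return false; // exactly 24.11.0 is fixed
}

// Demo run when executed directly.
saveStateVulnerable('demo', PAYLOAD);
console.log('vulnerable:', renderVulnerable('demo'));
console.log('encoded:   ', renderSafe('demo'));
console.log('24.10.1 affected:', isAffected('24.10.1'), '| 24.11.0 affected:', isAffected('24.11.0'));
```

The encoding step belongs at the point where the value is written into HTML, chosen for that context (attribute, element body, URL or script context each need different escaping); the allowlist belongs in the handler, so a bad value is never stored at all. Neither replaces upgrading to 24.11.0, since the page documents no workaround.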
Affected products
librenms · librenms
