Multiple Cross-Site Scripting (XSS) Vulnerabilities in LibreNMS v1.54 Admin Console
CVE-2019-15230 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
LibreNMS v1.54 has XSS in the Create User, Inventory, Add Device, Notifications, Alert Rule, Create Maintenance, and Alert Template sections of the admin console. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account.
Learn more about our User Device Pen Test.