Headline
CVE-2022-29711: Fix Graylog XSS by murrant · Pull Request #13931 · librenms/librenms
LibreNMS v22.3.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php.
Reported by
● Darek Jensen
● haxmeadroom
Please note
Please read this information carefully. You can run ./lnms dev:check to check your code before submitting.
- Have you followed our code guidelines?
- If my Pull Request does some changes/fixes/enhancements in the WebUI, I have inserted a screenshot of it.
- If my Pull Request makes discovery/polling/yaml changes, I have added/updated test data.
Testers
If you would like to test this pull request then please run: ./scripts/github-apply <pr_id>, i.e ./scripts/github-apply 5926
After you are done testing, you can remove the changes with ./scripts/github-remove. If there are schema changes, you can ask on discord how to revert.