GHSA-x645-6pf9-xwxw: LibreNMS has an Authenticated OS Command Injection

GHSA-gv4m-f6fx-859x: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/print-customoid.php

GHSA-28p7-f6h6-3jh3: LibreNMS has a Reflected XSS ('Cross-site Scripting') in librenms/includes/html/pages/wireless.inc.php

GHSA-p66q-ppwr-q5j8: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/includes/html/dev-overview-data.inc.php

GHSA-7663-37rg-c377: LibreNMS has a Stored XSS ('Cross-site Scripting') in librenms/app/Http/Controllers/Table/EditPortsController.php

An issue was discovered in REDAXO version 5.15.1, allows attackers to execute arbitrary code and obtain sensitive information via modules.modules.php.

**Code injection in REDAXO**

High severity GitHub Reviewed Published Feb 17, 2024 to the GitHub Advisory Database • Updated Feb 20, 2024

Headline

GHSA-7f2v-5877-rx3x: Code injection in REDAXO

ghsa: Latest News