CVE-2021-31274
packagist/librenms/librenms
Cross-site Scripting
In LibreNMS, a stored XSS vulnerability was identified in the API Access page due to insufficient sanitization of the $api->description variable. As a result, arbitrary Javascript code can get executed.
All versions before 21.3.0
Upgrade to version 21.3.0 or above.
2021-09-16
source |