CNNVD-202508-2039 Information
CNNVD ID
CNNVD-202508-2039
Related CVE
- CNNVD Published: 2025-08-18
Description (Chinese)
LibreNMS是LibreNMS社区的一套基于PHP和MySQL的开源网络监控系统。该系统具有自定义警报、自动发现网络环境和自动更新等特点。 LibreNMS 25.6.0及之前版本存在跨站脚本漏洞,该漏洞源于Alert Template功能存在存储型跨站脚本,可能导致恶意代码执行。
Description (English)
LibreNMS is an open-source network monitoring system based on PHP and MySQL for the LibreNMS community. The system has features such as custom alerts, automatic discovery of the network environment and automatic updating. LibreNMS 25.6.0 and previous versions had a cross-site script loophole, which stemmed from the storage-type cross-site script of the Alert Template function, which could lead to malicious code implementation.
Hazard Level
High
Vulnerability Type
跨站脚本
Affected Vendor
LibreNMS
Published
2025-08-18
Last Modified
2026-02-24
References
https://github.com/librenms/librenms/security/advisories/GHSA-vxq6-8cwm-wj99 https://github.com/librenms/librenms/commit/8ade3d827d317f5ac4b336617aafff865f825958 https://nvd.nist.gov/vuln/detail/CVE-2025-55296
Patch
https://github.com/librenms/librenms/releases
Share on: