admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-475xx/CVE-2024-47526.json

72 lines
2.7 KiB
JSON
Raw Normal View History

Auto-Update: 2024-10-01T22:00:18.000134+00:00
2024-10-01 22:03:17 +00:00
{
"id": "CVE-2024-47526",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-10-01T21:15:07.740",
Auto-Update: 2024-10-04T14:00:27.718839+00:00
2024-10-04 14:03:27 +00:00
"lastModified": "2024-10-04T13:50:43.727",
Auto-Update: 2024-10-13T02:00:16.486465+00:00
2024-10-13 02:03:17 +00:00
"vulnStatus": "Awaiting Analysis",
Auto-Update: 2024-10-01T22:00:18.000134+00:00
2024-10-01 22:03:17 +00:00
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Self Cross-Site Scripting (Self-XSS) vulnerability in the \"Alert Templates\" feature allows users to inject arbitrary JavaScript into the alert template's name. This script executes immediately upon submission but does not persist after a page refresh."
Auto-Update: 2024-10-04T14:00:27.718839+00:00
2024-10-04 14:03:27 +00:00
},
{
"lang": "es",
"value": "LibreNMS es un sistema de monitoreo de red de c\u00f3digo abierto basado en PHP/MySQL/SNMP. Una vulnerabilidad de tipo Self Cross-Site Scripting (Self-XSS) en la funci\u00f3n \"Alert Templates\" permite a los usuarios inyectar c\u00f3digo JavaScript arbitrario en el nombre de la plantilla de alerta. Este script se ejecuta inmediatamente despu\u00e9s de enviarlo, pero no persiste despu\u00e9s de actualizar la p\u00e1gina."
Auto-Update: 2024-10-01T22:00:18.000134+00:00
2024-10-01 22:03:17 +00:00
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:N",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"baseScore": 3.5,
"baseSeverity": "LOW",
Auto-Update: 2024-10-01T22:00:18.000134+00:00
2024-10-01 22:03:17 +00:00
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"availabilityImpact": "NONE"
Auto-Update: 2024-10-01T22:00:18.000134+00:00
2024-10-01 22:03:17 +00:00
},
"exploitabilityScore": 0.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00
"type": "Secondary",
Auto-Update: 2024-10-01T22:00:18.000134+00:00
2024-10-01 22:03:17 +00:00
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/librenms/librenms/blob/0e741e365aa974a74aee6b43d1b4b759158a5c7e/includes/html/forms/alert-templates.inc.php#L40",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/librenms/librenms/blob/0e741e365aa974a74aee6b43d1b4b759158a5c7e/includes/html/modal/alert_template.inc.php#L205",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/librenms/librenms/commit/f259edc19b9f0ccca484c60b1ba70a0bfff97ef5",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/librenms/librenms/security/advisories/GHSA-gcgp-q2jq-fw52",
"source": "security-advisories@github.com"
}
]
}
Reference in New Issue Copy Permalink