[Vulnerability Report] Cross Site Scripting (XSS) in the API Access page

Help
1

Hi,
Our research team in KAIST WSP Lab found a reflected vulnerability in LibreNMS.

  • Description: An Stroed XSS vulnerability was identified in the API Access page due to insufficient sanitization of the $api->description variable. As a result, arbitrary Javascript code can get executed.

  • Steps to reproduce the report

  1. Login to the website
  2. Go to the link: [LibreNMS root URL]/api-access
  3. Click the “Create API access token” button
  4. Enter “” in “Descr:”, and click the “Create API Token”
    1
    11018×350 19.3 KB
  5. Boom!

If there are any active developers on this project feel free to contact us for more information.
Additionally, I would like to get a CVE for the reported bug. How do I do this?

Best regards,
Seongil.

2

Hi @Seongil_Wi
Thanx for your report. Fix will be merged in a few days.
(https://github.com/librenms/librenms/pull/12739)

Concerning the CVE, you’ll have to contact MITRE i suppose :
https://cve.mitre.org/

Bye

3

@Seongil_Wi
Fix is now merged. Master branch is fixed, and stable will be in a couple of days with next release.

Thanx for your report and Bye

4

This topic was automatically closed 91 days after the last reply. New replies are no longer allowed.