Librenms · Librenms · CVE-2025-55296
Name of the Vulnerable Software and Affected Versions:
librenms versions prior to 25.8.0
Description:
A stored Cross-Site Scripting (XSS) issue exists in LibreNMS in the Alert Template creation feature. This allows a user with admin privileges to inject malicious JavaScript, which will be executed when the template is rendered, potentially compromising other admin accounts.
Recommendations:
Update to version 25.8.0 or later.