CVE-2025-62411
Stored XSS in Alert Transport name field in LibreNMS
In short
LibreNMS allows administrators to store malicious code in Alert Transport names, and that code is executed when the Alert Rules page is viewed. This can let attackers steal session cookies or perform actions as the admin.
Technical detail
The Alert Transports management feature contains a stored XSS vulnerability: the user-supplied Transport name is reflected without sanitization in the Alert Rules page UI. Injecting a payload requires admin privileges, and the impact falls on the confidentiality and integrity of admin sessions.
Summary generated and translated by AI from the official description.
LibreNMS is a community-based GPL-licensed network monitoring system. LibreNMS <= 25.8.0 contains a Stored Cross-Site Scripting (XSS) vulnerability in the Alert Transports management functionality. When an administrator creates a new Alert Transport, the value of the Transport name field is stored and later rendered in the Transports column of the Alert Rules page without proper input validation or output encoding. This leads to arbitrary JavaScript execution in the admin’s browser. This vulnerability is fixed in 25.10.0.
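An added example, not LibreNMS code: a Python audit for instances that cannot be upgraded to 25.10.0 immediately, flagging stored Transport names that contain markup and showing the output encoding the Transports column needs. It assumes the names have been exported as (id, name) pairs; the function names, patterns and sample rows are constructed for illustration.

```python
import html
import re

# Strong signal: something shaped like a tag, an event-handler attribute or a script URL.
MARKUP_HINT = re.compile(r"<\s*/?\s*[a-zA-Z]|\bon\w+\s*=|javascript\s*:", re.IGNORECASE)
# Weaker signal: characters that change meaning in an HTML context.
HTML_ACTIVE = re.compile(r"[<>\"'&`]")


def classify(name):
    """Return 'markup', 'special-chars' or 'clean' for one stored Transport name."""
    if MARKUP_HINT.search(name):
        return "markup"
    if HTML_ACTIVE.search(name):
        return "special-chars"
    return "clean"


def audit_transport_names(rows):
    """rows: iterable of (transport_id, transport_name). Returns the non-clean entries."""
    findings = []
    for transport_id, name in rows:
        verdict = classify(name)
        if verdict != "clean":
            findings.append({
                "id": transport_id,
                "verdict": verdict,
                # Safe form for reports: never echo the raw value into an HTML view.
                "encoded": html.escape(name, quote=True),
            })
    return findings


def render_cell(name):
    """Output-encode a name for an HTML table cell, so stored markup displays as text."""
    return "<td>" + html.escape(name, quote=True) + "</td>"


# Constructed sample rows, not taken from any real installation.
SAMPLE_ROWS = [
    (1, "NOC email"),
    (2, "Ops & On-call"),
    (3, "<script>alert(1)</script>"),
    (4, 'pager" onmouseover="x'),
]

if __name__ == "__main__":
    for finding in audit_transport_names(SAMPLE_ROWS):
        print(finding)
```

Entries classified as "markup" warrant a review of who created them and when; "special-chars" entries such as an ampersand are usually benign but still need encoding at render time.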
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N
Affected products
librenms · librenms