Stored Cross-Site Scripting Vulnerability in LibreNMS Device Monitoring
CVE-2024-51495
What is CVE-2024-51495?
LibreNMS, an open-source network monitoring system, contains a Stored Cross-Site Scripting (XSS) vulnerability within its Device Overview page. Authenticated users can exploit this flaw by injecting arbitrary JavaScript through the 'overwrite_ip' parameter while editing a device. This malicious code is executed when other users access the affected device overview, potentially compromising their accounts and data. Users are encouraged to upgrade to version 24.10.0 or later to mitigate this risk. For more details, refer to the advisory and recent commits concerning this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.
References
CVSS V3.1
Timeline
Vulnerability published
