Reflected Cross-Site Scripting Vulnerability in phpIPAM by phpIPAM
CVE-2024-55093

4.7MEDIUM

Key Information:

Vendor: PHPipam
Status: PHPipam
Vendor: CVE Published:; 31 March 2025

What is CVE-2024-55093?

phpIPAM version 1.7.3 is susceptible to a reflected Cross-Site Scripting (XSS) vulnerability that arises from insufficient sanitization in the install scripts. This flaw can be exploited by attackers to inject malicious scripts into web pages viewed by unsuspecting users, potentially leading to unauthorized access, data leaks, and other security breaches. It is crucial for users of this version to apply patches and updates to mitigate the risks associated with this vulnerability.

Affected Version(s)

phpIPAM 0 <= 1.7.3

References

https://github.com/phpipam/phpipam/commit/d0caaeba885364f...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Timeline

Vulnerability published
Mar 31, 2025
Vulnerability Reserved
Dec 6, 2024

PHPipam

What is CVE-2024-55093?

Affected Version(s)

References

CVSS V3.1

Timeline