Headline
GHSA-86rg-8hc8-v82p: LibreNMS is vulnerable to Reflected-XSS in `report_this` function
Summary
Reflected XSS in the report_this function in librenms/includes/functions.php
Details
Recently, it was discovered that the report_this function had improper filtering: htmlentities was relied on as the only sanitiser for a value placed inside an href attribute, which it does not protect, so the project_issues parameter could trigger an XSS vulnerability.
The Vulnerable Sink: https://github.com/librenms/librenms/blob/master/includes/functions.php#L444
PoC
GET request with the query parameter project_issues=javascript:alert(document.cookie)
Impact
XSS vulnerabilities allow attackers to execute malicious scripts in users' browsers, enabling unauthorized access to sensitive data, session hijacking, or malware distribution.
Suggestion
It is recommended to filter dangerous protocols, e.g. javascript: and file:.
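The following is an added example, not LibreNMS code, illustrating why htmlentities alone does not protect an href attribute and what the suggested protocol filtering looks like in practice. The function names (build_issue_link_vulnerable, is_safe_http_url, build_issue_link_safe) and the fallback URL are assumptions made for the example; the only input taken from the advisory is its PoC value, and the other sample inputs are constructed. Rather than blocking a list of known-bad schemes, the hardened version allows only http and https, which also covers schemes the advisory does not list.

```php
<?php
// Added example (not LibreNMS code). Function names are hypothetical.

// Vulnerable pattern: the value is HTML-escaped and then dropped into an href.
// htmlentities() only rewrites characters such as < > " & '; a URL whose scheme
// is "javascript:" contains none of them, so it reaches the attribute unchanged.
function build_issue_link_vulnerable(string $url): string
{
    return '<a href="' . htmlentities($url, ENT_QUOTES, 'UTF-8') . '">Report this</a>';
}

// Hardened check: accept only absolute http/https URLs. Browsers strip leading and
// trailing C0 control characters and ignore tab/newline anywhere in a URL before
// parsing the scheme, so the check normalises the same way to avoid being bypassed
// by "java\tscript:" style variants.
function is_safe_http_url(string $url): bool
{
    $normalised = preg_replace('/^[\x00-\x20]+|[\x00-\x20]+$/', '', $url);
    $normalised = preg_replace('/[\t\n\r]/', '', $normalised);

    $scheme = parse_url($normalised, PHP_URL_SCHEME);
    if (!is_string($scheme)) {
        return false; // no scheme (relative or protocol-relative URL) or unparseable
    }
    return in_array(strtolower($scheme), ['http', 'https'], true);
}

// Hardened pattern: validate the scheme first, fall back to a trusted default,
// and still HTML-escape the result so quotes cannot break out of the attribute.
function build_issue_link_safe(string $url, string $fallback): string
{
    if (!is_safe_http_url($url)) {
        $url = $fallback;
    }
    return '<a href="' . htmlentities($url, ENT_QUOTES, 'UTF-8') . '">Report this</a>';
}

// Constructed sample inputs; the first is the advisory's own PoC value.
$samples = [
    'javascript:alert(document.cookie)',
    "java\tscript:alert(1)",
    'data:text/html,hello',
    '//example.invalid/path',
    'https://github.com/librenms/librenms/issues',
];
$fallback = 'https://github.com/librenms/librenms/issues'; // hypothetical default

foreach ($samples as $input) {
    printf("input:      %s\n", addcslashes($input, "\t\n\r"));
    printf("vulnerable: %s\n", build_issue_link_vulnerable($input));
    printf("safe:       %s\n\n", build_issue_link_safe($input, $fallback));
}
```

Run with `php example.php`: the vulnerable builder echoes the PoC value into the href verbatim, while the safe builder replaces every sample except the https URL with the fallback.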
References
- GHSA-86rg-8hc8-v82p
- https://nvd.nist.gov/vuln/detail/CVE-2025-62365
- librenms/librenms@30d3dd7