CVE-2022-36746

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2022-36746

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-36746.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-36746

Aliases

GHSA-325v-g5vx-whxc

Published

2022-08-30T22:15:09.477Z

Modified

2025-11-20T12:09:28.296685Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

LibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component oxidized-cfg-check.inc.php.

References

https://github.com/librenms/librenms/pull/14126

Affected packages

Git / github.com/librenms/librenms

Affected ranges

Type: GIT
Repo: https://github.com/librenms/librenms
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

3724aaa836722088a600758c829fb612519c22eb

Affected versions

0.*

0.1

1.*

1.19

1.20

1.21

1.25

1.26

1.27

1.28

1.29

1.30

1.30.01

1.31

1.31.01

1.31.02

1.31.03

1.32

1.33

1.35

1.36

1.37

1.38

1.39

1.40

1.41

1.42

1.42.01

1.43

1.44

1.45

1.46

1.47

1.48

1.48.1

1.49

1.50

1.51

1.52

1.53

1.53.1

1.54

1.55

1.56

1.57

1.58

1.58.1

1.59

1.60

1.61

1.62

1.63

1.64

1.64.1

1.65

1.66

1.67

1.68

1.69

1.70.0

1.70.1

Other

201505

201506

201507

201508

201509

201510

201511

201512

201601

201602

201603

201604

201605

201606

201607

201608

20160828

201609

21.*

21.1.0

21.10.0

21.11.0

21.12.0

21.12.1

21.2.0

21.3.0

21.4.0

21.5.0

21.5.1

21.6.0

21.7.0

21.8.0

21.9.0

22.*

22.1.0

22.2.0

22.2.1

22.3.0

22.4.0

22.5.0

22.6.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-36746.json"