CVE-2022-29711: Cross site scripting in librenms

CVSS Score: 6.1 (CVSS v3.1)

Basic Information

EPSS Score: 0.00088%
Published: 6/3/2022
Updated: 1/27/2023
KEV Status: No
Technology: PHP

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Package Name: librenms/librenms
Ecosystem: composer
Vulnerable Versions: < 22.4.0
First Patched Version: 22.4.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stemmed from unescaped output of user-controlled data in the GraylogController. The patch added htmlspecialchars() to escape the 'source' and 'message' fields in the formatMessage method. Since these values originate from external Graylog messages (input that any log-emitting host can influence) and were embedded directly into HTML responses without context-appropriate escaping, the pre-patch version of this function was the root cause of the XSS vulnerability.
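To make the root cause concrete, the following is an added illustration of the bug class and its fix, not LibreNMS's own code: the method name formatMessage and the 'source' and 'message' fields come from the analysis above, while the surrounding table markup, the helper name h() and the sample message are assumptions.

```php
<?php
// Added illustration, not LibreNMS's code. $msg stands for one decoded
// Graylog message; only the 'source' and 'message' keys named in the
// root-cause analysis are used.

// Pre-patch shape: values are concatenated straight into HTML markup, so
// any markup contained in a log line is rendered by the viewer's browser
// instead of being displayed as text.
function formatMessageVulnerable(array $msg): string
{
    return '<td>' . $msg['source'] . '</td><td>' . $msg['message'] . '</td>';
}

// Patched shape: escape at the HTML output boundary. ENT_QUOTES also
// escapes single quotes (needed if a value ever lands inside an attribute);
// ENT_SUBSTITUTE keeps invalid UTF-8 from silently producing an empty string.
function h(?string $value): string
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function formatMessageFixed(array $msg): string
{
    return '<td>' . h($msg['source']) . '</td><td>' . h($msg['message']) . '</td>';
}

// Constructed sample: a log line whose text happens to contain markup.
// Every host that can write into the Graylog pipeline controls this string,
// which is why it must be treated as untrusted at render time.
$sample = [
    'source'  => 'web01',
    'message' => 'login failed for <b>admin</b> from "10.0.0.5" <script>alert(1)</script>',
];

// Detection check a reviewer can apply to any rendered fragment: the
// escaped output must contain no raw '<' or '>' from the input values.
function containsRawMarkup(string $html, array $msg): bool
{
    foreach (['source', 'message'] as $field) {
        if (strpbrk($msg[$field], '<>') !== false && str_contains($html, $msg[$field])) {
            return true;
        }
    }
    return false;
}

echo formatMessageVulnerable($sample), PHP_EOL; // raw tags survive
echo formatMessageFixed($sample), PHP_EOL;      // tags are entity-encoded
var_dump(containsRawMarkup(formatMessageVulnerable($sample), $sample)); // true
var_dump(containsRawMarkup(formatMessageFixed($sample), $sample));      // false
```

str_contains() requires PHP 8.0 or later; on older runtimes substitute strpos($html, $msg[$field]) !== false.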

WAF Protection Rules

WAF Rule

LibreNMS v[version digits masked in the source] was discovered to contain a cross-site scripting (XSS) vulnerability via the component /Table/GraylogController.php.
