
CVE-2022-4068: Cross-site Scripting in librenms/librenms

CVSS Score
7.6 (CVSS v3.0)

Basic Information

EPSS Score
0.97303%
Published
11/20/2022
Updated
2/1/2023
KEV Status
No
Technology
PHP

Technical Details

CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L
Package Name
librenms/librenms
Ecosystem
composer
Vulnerable Versions
< 22.10.0
First Patched Version
22.10.0

Vulnerability Intelligence

Root Cause Analysis (Miggo AI)

The vulnerability stems from two key issues: 1) Mass assignment via $request->all() in UserController@update allowed unrestricted field modification. 2) Inadequate role-based validation in UpdateUserRequest@rules permitted non-admins to submit privileged fields. Together, these enabled users to reactivate disabled accounts and potentially inject XSS payloads via unsanitized username fields (though the exact XSS rendering point isn't visible in the provided diff). The commit fixes both by using validated() and implementing admin-specific validation rules.
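The two defects described above, modelled in plain PHP without Laravel. This is an added illustration, not LibreNMS code: the field names (email, enabled, level, username), the role split and the sample input are assumptions chosen to show the pattern, and the "hardened" function stands in for what a FormRequest with role-specific rules plus $request->validated() achieves.

```php
<?php
// Added illustration (not LibreNMS code). Field names, roles and sample data
// are assumptions; the point is the whitelist-per-role and output-encoding pattern.

// Stored state of the account being edited (constructed sample record).
$storedUser = ['id' => 7, 'username' => 'alice', 'email' => 'alice@example.com',
               'enabled' => 0, 'level' => 1];

// Constructed form submission from a non-admin editing their own profile,
// padded with fields that only an admin should be able to set.
$submitted = ['email' => 'alice@new.example.com', 'enabled' => 1, 'level' => 10,
              'username' => '<script>alert(1)</script>'];

// Vulnerable pattern: every submitted key is merged into the record,
// the equivalent of $user->fill($request->all()).
function updateVulnerable(array $user, array $input): array {
    return array_merge($user, $input);
}

// Hardened pattern: the writable field set depends on the caller's role,
// and privileged fields are normalised/validated even for admins.
function updateHardened(array $user, array $input, bool $actorIsAdmin): array {
    $allowed = ['email'];
    if ($actorIsAdmin) {
        $allowed = array_merge($allowed, ['username', 'enabled', 'level']);
    }
    $validated = array_intersect_key($input, array_flip($allowed));
    if (isset($validated['enabled'])) {
        $validated['enabled'] = (int) (bool) $validated['enabled'];
    }
    if (isset($validated['username'])
        && !preg_match('/^[A-Za-z0-9_.@-]{1,64}$/', $validated['username'])) {
        throw new InvalidArgumentException('invalid username');
    }
    return array_merge($user, $validated);
}

// Output encoding for the admin user overview: the stored username is
// escaped at render time so a stored payload cannot execute in the admin's browser.
function renderUsernameCell(array $user): string {
    return '<td>' . htmlspecialchars($user['username'], ENT_QUOTES | ENT_HTML5, 'UTF-8') . '</td>';
}

$v = updateVulnerable($storedUser, $submitted);
echo "vulnerable: enabled={$v['enabled']} level={$v['level']}\n"; // account re-enabled, level escalated
$h = updateHardened($storedUser, $submitted, false);
echo "hardened:   enabled={$h['enabled']} level={$h['level']}\n"; // only email changed
echo renderUsernameCell($v), "\n"; // markup is rendered as inert text
```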


WAF Protection Rules

WAF Rule

A user is able to enable their own account if it was disabled by an admin while the user still holds a valid session. Moreover, the username is not properly sanitized in the admin user overview. This enables an XSS attack that enables an attacker wit
