Description
LibreNMS is an auto-discovering PHP/MySQL/SNMP based network monitoring tool. In versions 26.1.1 and below, the port group name is not sanitized, allowing attackers with admin privileges to perform Stored Cross-Site Scripting (XSS) attacks. When a user adds a port group, an HTTP POST request is sent to the Request-URI "/port-groups". The name of the newly created port group is stored in the value of the name parameter. After the port group is created, the entry is displayed along with relevant buttons such as Edit and Delete. This issue has been fixed in version 26.2.0.
References (4)
Core 4
Core References
Vendor Advisory x_refsource_confirm
https://github.com/librenms/librenms/security/advisories/GHSA-93fx-g747-695x
Issue Tracking x_refsource_misc
https://github.com/librenms/librenms/pull/19042
Patch x_refsource_misc
https://github.com/librenms/librenms/commit/882fe6f90ea504a3732f83caf89bba7850a5699f
Release Notes x_refsource_misc
https://github.com/librenms/librenms/releases/tag/26.2.0
Scores
CVSS v3
4.8
EPSS
0.0000
EPSS Percentile
0.2%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Products (2)
librenms/librenms
< 26.2.0
librenms/librenms
0 - 26.2.0Packagist
Published
Feb 20, 2026
Tracked Since
Feb 20, 2026