Primary

Context

LibreNMS Stored Cross-Site Scripting Vulnerability in Alert Rules Workflow

Vulnerability

Patched

A stored cross-site scripting vulnerability has been identified in LibreNMS versions through 25.12.0. This issue resides within the Alert Rules workflow, where an attacker with administrative privileges can inject malicious scripts. These scripts are executed in the context of the browser for any user who accesses the Alert Rules page. The vulnerability has been addressed in version 26.2.0.

Impact

Exploitation of this vulnerability allows for stored cross-site scripting, where injected scripts are executed in the context of the user viewing the Alert Rules page.

Reproduction

To reproduce this vulnerability, an admin user can create an alert rule and inject JavaScript into the rule's name or value fields. Once the rule is saved, the injected script will execute when the Alert Rules page is accessed.

Remediation

Users can upgrade to LibreNMS version 26.2.0 to address this vulnerability.

Added: Feb 20, 2026, 2:32 AM

Updated: Feb 20, 2026, 2:32 AM

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

1.7

exploitability

5.9

remediation

7.7

relevance

3.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.0

impact

1.7

exploitability

5.9

remediation

7.7

relevance

3.2

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

LibreNMS Stored Cross-Site Scripting Vulnerability in Alert Rules Workflow

Vulnerability

Impact

Reproduction

Remediation

Affected Products

LibreNMS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating