17Oca
CVE-2025-23198 | librenms up to 24.10.x /device/$DEVICE_ID/edit display cross site scripting (GHSA-pm8j-3v64-92cq)
A vulnerability was found in librenms up to 24.10.x and classified as problematic. Affected by this issue is some unknown functionality of the file /device/$DEVICE_ID/edit. The manipulation of the argument display leads to cross site scripting. This vulnerability is handled as CVE-2025-23198. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.