CVE-2024-47525: 
PHP vulnerability analysis and mitigation

LibreNMS, an open-source PHP/MySQL/SNMP-based network monitoring system, was found to contain a Stored Cross-Site Scripting (XSS) vulnerability (CVE-2024-47525) in its 'Alert Rules' feature. The vulnerability was discovered and disclosed on October 1, 2024, affecting versions up to 24.7.0, and has been fixed in version 24.9.0 (GitHub Advisory).

The vulnerability exists in the 'Alert Rules' feature where authenticated users can inject arbitrary JavaScript through the 'Title' field. The issue stems from improper sanitization of user inputs in the Title field, allowing attackers to escape the attribute context where the title is injected (data-content). The vulnerability is specifically located in librenms/includes/html/print-alert-rules.php, where the application fails to sanitize the $rule['name'] value before adding it to the $enabled_msg variable. The vulnerability has received a CVSS v3.1 base score of 7.5 (HIGH) with a vector string of CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:L/A:L (GitHub Advisory).

The vulnerability allows authenticated users to execute arbitrary JavaScript code in the context of other users' sessions. This could lead to account compromise and enable attackers to perform unauthorized actions on behalf of other users. The impact is particularly severe as it could affect administrative users accessing the alert rules page (GitHub Advisory).

The vulnerability has been patched in LibreNMS version 24.9.0. Users are advised to upgrade to this version or later to protect against this vulnerability. The fix involves proper sanitization of user input in the alert rules feature (GitHub Advisory, LibreNMS Patch).