CVE-2024-50350: 
PHP vulnerability analysis and mitigation

LibreNMS, an open-source PHP/MySQL/SNMP-based network monitoring system, was found to contain a Stored Cross-Site Scripting (XSS) vulnerability (CVE-2024-50350). The vulnerability was discovered in the "Port Settings" page, allowing authenticated users to inject arbitrary JavaScript through the "name" parameter when creating a new Port Group. This vulnerability was fixed in version 24.10.0 (NVD, GitHub Advisory).

The vulnerability exists in the EditPortsController.php file where insufficient sanitization of the "name" parameter allows for XSS payload injection. The vulnerable code is located in the sink at line 69: $port_group_options .= '' . $group->name . '';. The vulnerability has been assigned a CVSS v3.1 base score of 5.4 (Medium) by NIST with the vector string CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N (NVD).

When exploited, this vulnerability allows the execution of malicious code when the "Port Settings" page is visited after the affected Port Group is added to a device. This can lead to the compromise of user sessions and enable unauthorized actions. The vulnerability affects the confidentiality and integrity of the system, potentially allowing attackers to perform actions on behalf of other users (GitHub Advisory).

The vulnerability has been fixed in LibreNMS version 24.10.0. The fix includes adding proper HTML encoding using htmlentities() function to prevent XSS attacks, as demonstrated in the patch commit (GitHub Commit).