Unrated severityNVD Advisory· Published Jun 24, 2025· Updated Jun 24, 2025
CVE-2024-56916
CVE-2024-56916
Description
In Netbox Community 4.1.7, once authenticated, Configuration History > Addis vulnerable to cross-site scripting (XSS) due to the current value` field rendering user supplied html. An authenticated attacker can leverage this to add malicious JavaScript to the any banner field. Once a victim edits a Configuration History version or attempts to Add a new version, the XSS payload will trigger.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: =4.1.7
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.