CVE-2023-29453

🗓️ 12 Oct 2023 05:50:19Reported by ZabbixType

CVE-2023-29453: Templates do not properly consider backticks as Javascript string delimiters, leading to arbitrary Javascript code injection

Reporter	Title	Published	Views	Family All 18
AstraLinux	Astra Linux - уязвимость в zabbix	20 May 202605:53	–	astralinux
CNNVD	Zabbix Code Injection Vulnerability	12 Oct 202300:00	–	cnnvd
Cvelist	CVE-2023-29453 Agent 2 package are built with Go version affected by CVE-2023-24538	12 Oct 202305:50	–	cvelist
Debian CVE	CVE-2023-29453	12 Oct 202305:50	–	debiancve
EUVD	EUVD-2023-33022	3 Oct 202520:07	–	euvd
NVD	CVE-2023-29453	12 Oct 202306:15	–	nvd
OSV	DEBIAN-CVE-2023-29453	12 Oct 202306:15	–	osv
OSV	UBUNTU-CVE-2023-29453	12 Oct 202306:15	–	osv
Prion	Design/Logic Flaw	12 Oct 202306:15	–	prion
Positive Technologies	PT-2023-6100 · Zabbix +4 · Zabbix +4	11 May 202300:00	–	ptsecurity

NVD

Node

zabbix zabbix-agent2Range5.0.0–5.0.35

zabbix zabbix-agent2Range6.0.0–6.0.18

zabbix zabbix-agent2Range6.4.0–6.4.3

[
  {
    "defaultStatus": "unaffected",
    "modules": [
      "Agent2"
    ],
    "product": "Zabbix",
    "repo": "https://git.zabbix.com/",
    "vendor": "Zabbix",
    "versions": [
      {
        "changes": [
          {
            "at": "5.0.35",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "5.0.34",
        "status": "affected",
        "version": "5.0.0",
        "versionType": "git"
      },
      {
        "changes": [
          {
            "at": "6.0.18",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.0.17",
        "status": "affected",
        "version": "6.0.0",
        "versionType": "git"
      },
      {
        "changes": [
          {
            "at": "6.4.3",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "6.4.2",
        "status": "affected",
        "version": "6.4.0",
        "versionType": "git"
      }
    ]
  }
]

Source	Link
support	www.support.zabbix.com/browse/ZBX-23388

21 Nov 2024 07:57Current

9.7High risk

Vulners AI Score9.7

CVSS 3.19.8

EPSS0.00559

SSVC

CWE-94