Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2020-15803
HistoryJul 17, 2020 - 3:15 a.m.

CVE-2020-15803

2020-07-1703:15:11
CWE-79
[email protected]
web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.079 Low

EPSS

Percentile

94.3%

JSON

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

Affected configurations

NVD
Node
zabbixzabbixRange3.0.31
OR
zabbixzabbixRange4.0.04.0.21
OR
zabbixzabbixRange4.44.4.9
OR
zabbixzabbixRange5.0.05.0.1
OR
zabbixzabbixMatch3.0.32rc1
OR
zabbixzabbixMatch4.0.22-
OR
zabbixzabbixMatch4.0.22rc1
OR
zabbixzabbixMatch4.4.10-
OR
zabbixzabbixMatch4.4.10rc1
OR
zabbixzabbixMatch5.0.2-
OR
zabbixzabbixMatch5.0.2rc1
Node
fedoraprojectfedoraMatch31
OR
fedoraprojectfedoraMatch32
Node
debiandebian_linuxMatch9.0
Node
opensusebackportsMatchsle-15sp1
OR
opensusebackportsMatchsle-15sp2
OR
opensuseleapMatch15.1
OR
opensuseleapMatch15.2

Related

ubuntucve 1
debian 4
nessus 9
cve 1
osv 5
openvas 9
exploitdb 1
fedora 2
debiancve 1
cvelist 1
packetstorm 1
prion 1
suse 3
ubuntu 1
ubuntucve
ubuntucve
CVE-2020-15803
2020-07-17 00:00:00
debian
debian
[SECURITY] [DLA 2311-1] zabbix security update
2020-08-03 15:05:45
[SECURITY] [DLA 2631-1] zabbix security update
2021-04-21 14:41:32
[SECURITY] [DLA 3390-1] zabbix security update
2023-04-12 13:36:51
nessus
nessus
Debian DLA-2311-1 : zabbix security update
2020-08-04 00:00:00
Fedora 32 : 1:zabbix (2020-02cf7850ca)
2020-07-30 00:00:00
SUSE SLES12 Security Update : zabbix (SUSE-SU-2020:2251-1)
2020-08-18 00:00:00
cve
cve
CVE-2020-15803
2020-07-17 03:15:11
osv
osv
zabbix - security update
2020-08-03 00:00:00
CVE-2020-15803
2020-07-17 03:15:11
zabbix - security update
2021-04-21 00:00:00
openvas
openvas
Fedora: Security Advisory for zabbix (FEDORA-2020-519516feec)
2020-07-31 00:00:00
Debian: Security Advisory (DLA-2311-1)
2020-08-04 00:00:00
Fedora: Security Advisory for zabbix (FEDORA-2020-02cf7850ca)
2020-07-31 00:00:00
exploitdb
exploitdb
Zabbix 5.0.0 - Stored XSS via URL Widget Iframe
2020-12-04 00:00:00
fedora
fedora
[SECURITY] Fedora 32 Update: zabbix-4.0.22-1.fc32
2020-07-30 17:53:43
[SECURITY] Fedora 31 Update: zabbix-4.0.22-1.fc31
2020-07-28 15:03:33
debiancve
debiancve
CVE-2020-15803
2020-07-17 03:15:11
cvelist
cvelist
CVE-2020-15803
2020-07-17 00:00:00
packetstorm
packetstorm
Zabbix 5.0.0 Cross Site Scripting
2020-12-04 00:00:00
prion
prion
Design/Logic Flaw
2020-07-17 03:15:00
suse
suse
Security update for zabbix (moderate)
2020-10-04 00:00:00
Security update for zabbix (moderate)
2022-02-16 00:00:00
Security update for MozillaThunderbird (important)
2022-03-01 00:00:00
ubuntu
ubuntu
Zabbix vulnerabilities
2022-06-15 00:00:00

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

6.1 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

0.079 Low

EPSS

Percentile

94.3%

JSON
Related for NVD:CVE-2020-15803
ubuntucve1debian4nessus9cve1osv5openvas9exploitdb1fedora2debiancve1cvelist1packetstorm1prion1suse3ubuntu1