6 matches found
UBUNTU-CVE-2026-23928
The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...
CVE-2026-23928
The Item history widget in Zabbix 7.0+ or the Plain text widget in Zabbix 6.0 can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized actions depending on which user opens a dashboard containing these widgets. The malicious JavaScript would...
ROS-20260417-73-0037
Vulnerability in zabbix7-lts is related to failure to take measures to neutralize special elements used in operating system commands. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary commands...
ROS-20260417-73-0041
Vulnerability in zabbix7-lts related to providing a data element for an erroneous session. Exploitation of the vulnerability could allow an attacker to escalate his privileges...
ROS-20260417-73-0042
Vulnerability in zabbix7.2 related to providing a data element for an erroneous session. Exploitation of the vulnerability may allow an attacker to escalate his privileges...
ROS-20260401-73-0049
Vulnerability in zabbix7-lts related to a flaw in the authorization mechanism. Exploitation of the vulnerability may allow a remote intruder to gain unauthorized access to protected information...