3 matches found
Zabbix Frontend Cross-Site Scripting Vulnerability (CNVD-2022-22695)
A cross-site scripting vulnerability in Zabbix Frontend, a monitoring software front-end tool from Zabbix USA, stems from a lack of data validation filtering of user-supplied data and output in the service configuration window, which could be exploited by an authenticated attacker to create a lin...
CVE-2022-24917 Reflected XSS in service configuration window of Zabbix Frontend
An authenticated user can create a link with reflected Javascript code inside it for services’ page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all...
Zabbix Frontend 跨站脚本漏洞
A cross-site scripting vulnerability in Zabbix Frontend, a monitoring software front-end tool from Zabbix USA, stems from a lack of data validation filtering of user-supplied data and output in the graphical configuration window, which could be exploited by an authenticated attacker to create a...