2 matches found
[SECURITY] [DLA 3909-1] zabbix security update
Debian LTS Advisory DLA-3909-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost October 03, 2024 https://wiki.debian.org/LTS Package : zabbix Version : 1:5.0.44+dfsg-1+deb11u1 CVE ID : CVE-2022-23132 CVE-2022-23133 CVE-2022-24349 CVE-2022-24917 CVE-2022-24918...
CVE-2022-23133
Summary: CVE-2022-23133 is a Zabbix frontend vulnerability where an authenticated user can create a hosts group with a stored XSS payload. When other users perform host-group searches during new host creation, the payload can execute in their session, enabling session cookie theft and user impers...