Code injection

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend...

Zabbix Frontend 跨站脚本漏洞

Zabbix Frontend is a monitoring software front-end tool from the US-based Zabbix. A security vulnerability exists in Zabbix Frontend, which originates from the ability for an unauthenticated user to create a link with reflective Javascript code in the backurl parameter and send it to other...