CVE-2023-32724

Memory pointer is in a property of the Ducktape object. This leads to multiple vulnerabilities related to direct memory access and manipulation.

CVE-2023-32721

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.

CVE-2023-32722

The zabbix/src/libs/zbxjson module is vulnerable to a buffer overflow when parsing JSON files via zbx_json_open.

CVE-2023-32723

Request to LDAP is sent before user permissions are checked.