Lucene search
Ubuntu.comUB:CVE-2022-24918HistoryMar 09, 2022 - 12:00 a.m.
CVE-2022-24918
2022-03-0900:00:00
ubuntu.com
ubuntu.com
13
0.001 Low
EPSS
Percentile
28.2%
An authenticated user can create a link with reflected Javascript code
inside it for items’ page and send it to other users. The payload can be
executed only with a known CSRF token value of the victim, which is changed
periodically and is difficult to predict. Malicious code has access to all
the same objects as the rest of the web page and can make arbitrary
modifications to the contents of the page being displayed to a victim
during social engineering attacks.
Related
prion
prion
Cross site request forgery (csrf)
2022-03-09 20:15:00
cve
cve
CVE-2022-24918
2022-03-09 20:15:00
debiancve
debiancve
CVE-2022-24918
2022-03-09 20:15:00
cvelist
cvelist
CVE-2022-24918 Reflected XSS in item configuration window of Zabbix Frontend
2022-02-01 00:00:00
openvas
openvas
Fedora: Security Advisory for zabbix (FEDORA-2022-d714c0d39c)
2022-03-23 00:00:00
Fedora: Security Advisory for zabbix (FEDORA-2022-5fab125c08)
2022-03-23 00:00:00
Fedora: Security Advisory for zabbix (FEDORA-2022-19a9053f17)
2022-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 36 Update: zabbix-5.0.21-1.fc36
2022-03-26 15:48:57
[SECURITY] Fedora 34 Update: zabbix-5.0.21-1.fc34
2022-03-22 03:19:15
[SECURITY] Fedora 35 Update: zabbix-5.0.21-1.fc35
2022-03-22 03:43:38
nessus
nessus
SUSE SLES12 Security Update : zabbix (SUSE-SU-2022:1254-1)
2022-04-20 00:00:00