Описание
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 1:6.0.29+dfsg-1 |
| esm-apps/bionic | released | 1:3.0.12+dfsg-1ubuntu0.1~esm2 |
| esm-apps/focal | released | 1:4.0.17+dfsg-1ubuntu0.1~esm1 |
| esm-apps/jammy | not-affected | 1:5.0.2+dfsg-1 |
| esm-apps/xenial | released | 1:2.4.7+dfsg-2ubuntu2.1+esm2 |
| esm-infra-legacy/trusty | not-affected | code not present |
| focal | ignored | end of standard support, was needed |
| groovy | not-affected | 1:5.0.2+dfsg-1 |
| hirsute | not-affected | 1:5.0.2+dfsg-1 |
Показывать по
EPSS
4.3 Medium
CVSS2
6.1 Medium
CVSS3
Связанные уязвимости
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x bef ...
Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.
Уязвимость универсальной системы мониторинга Zabbix, связанная с непринятием мер по защите структуры веб-страницы, позволяющая нарушителю оказать воздействие на целостность данных
EPSS
4.3 Medium
CVSS2
6.1 Medium
CVSS3