A cross-site scripting vulnerability exists in Zabbix Frontend, a monitoring software front-end tool from Zabbix U.S.A. The vulnerability stems from a graphical page that lacks data validation filters for user-supplied data and output. An authenticated attacker could use the vulnerability to create a link on the graphical page containing reflected Javascript code and send it to other users.
CPE | Name | Operator | Version |
---|---|---|---|
zabbix zabbix frontend | lt | 5.0.25 |