Lucene search
China National Vulnerability DatabaseCNVD-2022-58412HistoryJul 08, 2022 - 12:00 a.m.
Zabbix Frontend Cross-Site Scripting Vulnerability (CNVD-2022-58412)
2022-07-0800:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
22.7%
A cross-site scripting vulnerability exists in Zabbix Frontend, a monitoring software front-end tool from Zabbix U.S.A. The vulnerability stems from a graphical page that lacks data validation filters for user-supplied data and output. An authenticated attacker could use the vulnerability to create a link on the graphical page containing reflected Javascript code and send it to other users.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zabbix zabbix frontend | lt | 5.0.25 |
Related
cve
cve
CVE-2022-35230
2022-07-06 11:15:09
ubuntucve
ubuntucve
CVE-2022-35230
2022-07-06 00:00:00
nvd
nvd
CVE-2022-35230
2022-07-06 11:15:09
osv
osv
CVE-2022-35230
2022-07-06 11:15:09
zabbix vulnerabilities
2024-04-25 20:13:57
zabbix - security update
2023-04-12 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2022:3101-1)
2022-09-07 00:00:00
Ubuntu: Security Advisory (USN-6751-1)
2024-04-26 00:00:00
Debian: Security Advisory (DLA-3390-1)
2023-04-13 00:00:00
debiancve
debiancve
CVE-2022-35230
2022-07-06 11:15:09
prion
prion
Cross site request forgery (csrf)
2022-07-06 11:15:00
nessus
nessus
SUSE SLES12 Security Update : zabbix (SUSE-SU-2022:3101-1)
2022-09-08 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS : Zabbix vulnerabilities (USN-6751-1)
2024-04-25 00:00:00
Debian DLA-3390-1 : zabbix - LTS security update
2023-04-12 00:00:00
cvelist
cvelist
CVE-2022-35230 Reflected XSS in graphs page of Zabbix Frontend
2022-07-06 00:00:00
ubuntu
ubuntu
Zabbix vulnerabilities
2024-04-25 00:00:00
debian
debian
[SECURITY] [DLA 3390-1] zabbix security update
2023-04-12 13:36:51
[SECURITY] [DLA 3390-1] zabbix security update
2023-04-12 13:46:20