FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

zabbix-frontend -- multiple XSS vulnerabilities

Affected packages
zabbix-frontend < 1.8.10,2

Details

VuXML ID 048c77df-3211-11e1-9583-14dae938ec40
Discovery 2011-08-04
Entry 2011-12-29

Martina Matari reports:

These URLs (hostgroups.php, usergrps.php) are vulnerable to persistent XSS attacks due to improper sanitation of gname variable when creating user and host groups.

References

URL https://support.zabbix.com/browse/ZBX-4015