VYPR
Unrated severityNVD Advisory· Published Sep 14, 2022· Updated Sep 16, 2024

Reflected XSS in the backurl parameter of Zabbix Frontend

CVE-2022-40626

Description

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.