Unrated severityNVD Advisory· Published Apr 2, 2025· Updated Nov 3, 2025
Reflected XSS vulnerability in /zabbix.php?action=export.valuemaps
CVE-2024-45699
Description
The endpoint /zabbix.php?action=export.valuemaps suffers from a Cross-Site Scripting vulnerability via the backurl parameter. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload may be injected into the above endpoint causing it to be executed within the context of the victim's browser.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.