CVE-2023-32721 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2023-32721

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.

Published: Oct 12, 2023
Updated: Oct 18, 2023
CVE: CVE-2023-32721
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
zabbix / zabbix	7.0.0-alpha2	7.0.0-alpha2.x
zabbix / zabbix	7.0.0-alpha3	7.0.0-alpha3.x
zabbix / zabbix	7.0.0-alpha1	7.0.0-alpha1.x
zabbix / zabbix	6.4.0	6.4.5.x
zabbix / zabbix	6.0.0	6.0.20.x
zabbix / zabbix	5.0.0	5.0.36.x
zabbix / zabbix	4.0.0	4.0.47.x