CVE-2024-22119 | SynScan

Vulnerability Database

289,697

Total vulnerabilities in the database

CVE-2024-22119

The cause of vulnerability is improper validation of form input field “Name” on Graph page in Items section.

Published: Feb 9, 2024
Updated: Feb 16, 2024
CVE: CVE-2024-22119
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.4
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
zabbix / zabbix	7.0.0-alpha2	7.0.0-alpha2.x
zabbix / zabbix	7.0.0-alpha3	7.0.0-alpha3.x
zabbix / zabbix	7.0.0-alpha1	7.0.0-alpha1.x
zabbix / zabbix	7.0.0-alpha6	7.0.0-alpha6.x
zabbix / zabbix	7.0.0-alpha7	7.0.0-alpha7.x
zabbix / zabbix	7.0.0-alpha4	7.0.0-alpha4.x
zabbix / zabbix	7.0.0-alpha5	7.0.0-alpha5.x
zabbix / zabbix	6.4.0	6.4.9
zabbix / zabbix	6.0.0	6.0.24
zabbix / zabbix	5.0.0	5.0.40