CVE-2022-40626

Description

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

References

Issue TrackingPatchVendor Advisory

CvssV3 impact

Could not find any metrics

CvssV2 impact

Could not find any metrics