User: Password:
Subscribe / Log in / New account

zabbix: cross-site scripting

Package(s):zabbix CVE #(s):CVE-2011-2904
Created:August 18, 2011 Updated:August 24, 2011
Description: From the Red Hat bugzilla:

A vulnerability was reported in Zabbix where input passed to the "backurl" parameter in acknow.php is improperly sanitized before being returned to the user. This could be used to facilitate a cross-site scripting attack. This flaw is fixed in Zabbix 1.8.6

Gentoo 201311-15 zabbix 2013-11-25
Fedora FEDORA-2011-10601 zabbix 2011-08-10
Fedora FEDORA-2011-10618 zabbix 2011-08-10

(Log in to post comments)

Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds