Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-18057

Stored Cross Site Scripting attack on URL widget (CVE-2020-15803)

XMLWordPrintable

    • Sprint 66 (Jul 2020)
    • 1

       

      1. Add in to zabbix defines configuration to use iFrame sandbox parameter
        1. On by default
        2. Update documentation on https://www.zabbix.com/documentation/current/manual/installation/requirements/best_practices
      2. Add sandbox parameter to URL widget iframe

      As a separate change will be refactoring of definex.inc to allow user override defines without reset the values on update. 

            talbergs Mārtiņš Tālbergs (Inactive)
            palivoda Rostislav Palivoda
            Team B
            Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved: