Details
-
Defect (Security)
-
Status: Closed
-
Blocker
-
Resolution: Fixed
-
None
-
None
-
Team B
-
Sprint 90 (Jul 2022)
-
2
Description
ID: ZBV-2022-07-1
CVE: CVE-2022-40626
Synopsis: Reflected XSS in the backurl parameter of Zabbix Frontend
Description: An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users.
Severity: Medium
Known Attack Vectors: When prepared link with malicious code is sent to a user with privileged rights in Zabbix (e.g. Zabbix Super Admin) and the user follows the link, the XSS payload will create a fake account with predefined login, password and role in Zabbix Frontend.
Resolution: To remediate this vulnerability, apply the updates listed in the 'Fixed Version' section to appropriate products.
Workarounds: The vulnerability can be exploited only by authenticated users. If an immediate update is not possible, review user access rights to your Zabbix Frontend, be attentive to browser warnings and always check any links you can receive via email or other means of communication, which lead to Zabbix Frontend and contain suspicious parameters with special symbols.
Affected components and their versions: Frontend 6.0.0-6.0.6, 6.2.0)
Fixed version/s: Frontend (=>6.0.7rc1, =>6.2.1rc1)