Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-22987

Inefficient URL schema validation (CVE-2023-29456)

XMLWordPrintable

      Mitre ID https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-29456
      CVSS score 5.7
      Severity Medium
      Summary Inefficient URL schema validation
      Description URL validation scheme receives input from a user and then parses it to identify its various components. The validation scheme can ensure that all URL components comply with internet standards.
      Known attack vectors This Inefficient URL schema validation leads to the XSS in maps, triggers, and other places where links can be added.
      Patch provided  No
      Component/s Frontend
      Affected version/s and fix version/s ·         Affected: 4.0.46, 5.0.35, 6.0.18, 6.4.3, 7.0.0alpha1
      ·         Fix: 4.0.46rc1, 5.0.35rc1, 6.0.18rc1, 6.4.3rc1, 7.0.0alpha1
      Fix compatibility tests -
      Resolution Fixed
      Workarounds None
      Acknowledgements -

            zabbix.dev Zabbix Development Team
            mmelnikovs Maris Melnikovs
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: