Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-24070

Stored XSS in graph items select form (CVE-2024-22119)

    XMLWordPrintable

Details

    • Team C
    • 1

    Description

      Can be reproduced on - 5.0, 6.0, 6.4, master.

      Steps to reproduce:
      1) Create item with name - <img src="x" onerror="alert('UWAGA');"/>
      2) Create graph and add created item to items list.
      3) Save graph.
      4) Open created graph again and click on added item.

      5) Then click on its name.

      Result:

      Expected:
      No alarm message.

      Attachments

        Issue Links

          Activity

            People

              epulke Elina Pulke
              smaklakovs Sergejs Maklakovs
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: