Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-24070

Stored XSS in graph items select form (CVE-2024-22119)

XMLWordPrintable

    • 1

      Can be reproduced on - 5.0, 6.0, 6.4, master.

      Steps to reproduce:
      1) Create item with name - <img src="x" onerror="alert('UWAGA');"/>
      2) Create graph and add created item to items list.
      3) Save graph.
      4) Open created graph again and click on added item.

      5) Then click on its name.

      Result:

      Expected:
      No alarm message.

        1. image-2023-11-22-12-09-52-393.png
          image-2023-11-22-12-09-52-393.png
          60 kB
        2. image-2023-11-22-12-10-40-172.png
          image-2023-11-22-12-10-40-172.png
          47 kB

            epulke Elina Pulke (Inactive)
            smaklakovs Sergejs Maklakovs
            Team C
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: