Web: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2022-40626

Sept. 14, 2022, 11:15 a.m. |

National Vulnerability Database nist.gov

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

cve fedora zabbix

Cybersecurity Engineer

@ Apercen Partners LLC | Folsom, CA

IDM Sr. Security Developer

@ The Ohio State University | Columbus, OH, United States

IT Security Engineer

@ Stylitics | New York City

Information Security Engineer

@ VDA Labs | Remote

Information Security Analyst

@ Metropolitan Transportation Commission | San Francisco, CA

Product Security Engineer (SSDL)

@ ServiceNow | Denver, Colorado, United States

Application Security Sales Specialist

@ Dynatrace | Munich, Germany

Threat Intelligence Response Analyst

@ Recorded Future, Inc. | London

IT Security Analyst

@ Docebo | Toronto, Ontario

Software Engineer - Perception and Threat Assessment - XC

@ Bosch Group | Plymouth, MI, United States

Sr. Cyber Incident Response Analyst

@ Experian | Heredia, Costa Rica

Manager, DT GRC (Governance, Risk, And compliance)

@ ServiceNow | Austin, Texas, United States