Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary web script or HTML via the (1) filter_set, (2) show_details, (3) filter_rst, or (4) txt_select parameters to the triggers page (tr_status.php). NOTE: some of these details are obtained from third party information.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2010-08-04T19:00:00

Updated: 2024-08-07T02:46:48.224Z

Reserved: 2010-07-22T00:00:00

Link: CVE-2010-2790

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2010-08-05T13:23:09.680

Modified: 2023-11-07T02:05:43.647

Link: CVE-2010-2790

cve-icon Redhat

No data.