Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery function in frontends/php/include/classes/class.curl.php in Zabbix before 1.8.3rc1 allow remote attackers to inject arbitrary web script or HTML via the (1) filter_set, (2) show_details, (3) filter_rst, or (4) txt_select parameters to the triggers page (tr_status.php). NOTE: some of these details are obtained from third party information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2010-08-04T19:00:00
Updated: 2024-08-07T02:46:48.224Z
Reserved: 2010-07-22T00:00:00
Link: CVE-2010-2790
Vulnrichment
No data.
NVD
Status : Modified
Published: 2010-08-05T13:23:09.680
Modified: 2024-11-21T01:17:22.960
Link: CVE-2010-2790
Redhat
No data.