Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10 allow remote attackers to inject arbitrary web script or HTML via the gname parameter (aka host groups name) to (1) hostgroups.php and (2) usergrps.php, the update action to (3) hosts.php and (4) scripts.php, and (5) maintenance.php.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2011-12-29T22:00:00
Updated: 2024-08-07T00:09:19.538Z
Reserved: 2011-11-29T00:00:00
Link: CVE-2011-4615
Vulnrichment
No data.
NVD
Status : Modified
Published: 2011-12-29T22:55:01.140
Modified: 2017-08-29T01:30:31.723
Link: CVE-2011-4615
Redhat
No data.