Threat Encyclopedia

Cross-site Scripting Vulnerability CVE-2022-40626 for Zabbix Agent

description-logoDescription

An unauthenticated user can create a link with reflected Javascript code inside the backurl parameter and send it to other authenticated users in order to create a fake account with predefined login, password and role in Zabbix Frontend.

affected-products-logoAffected Applications

Zabbix Agent

CVE References

CVE-2022-40626

Telemetry logoTelemetry