CVE-2023-29455

Name of the Vulnerable Software and Affected Versions Zabbix (affected versions not specified)

Description The issue is related to a lack of protection of the web page structure in Zabbix, allowing a remote attacker to access and compromise confidential data. This is a reflected XSS attack, also known as a non-persistent attack, where a malicious script is reflected off a web application to the victim's browser. The script is activated through a link that sends a request to a website with a vulnerability that enables the execution of malicious scripts.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.