MEDIUM🇬🇧 English

CVE-2023-30958

CVSS 4.7v3.1pub. 2023-08-03upd. 2024-11-21

A security defect was identified in Foundry Frontend that enabled users to potentially conduct DOM XSS attacks if Foundry's CSP were to be bypassed. This defect was resolved with the release of Foundry Frontend 6.225.0.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
  • Zabbix Frontend

    APP
    Zabbix
    < 6.225.0
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2023-32725CRITICAL9.6PL ✓ten sam produkt

Zabbix: wyciek sesyjnego cookie przez widget URL i raporty zaplanowane

CVE-2025-27232MEDIUM6.8ten sam produkt

An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the we...

CVE-2025-49643MEDIUM6.0ten sam produkt

An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by ...

CVE-2023-29455MEDIUM5.4ten sam produkt

Reflected XSS attacks, also known as non-persistent attacks, occur when a malicious script is reflected off a ...

CVE-2023-29456MEDIUM5.7ten sam produkt

URL validation scheme receives input from a user and then parses it to identify its various components. The va...