CVE-2023-29450
- Source
- https://cve.org/CVERecord?id=CVE-2023-29450
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29450.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2023-29450
- Downstream
- Related
- Published
- 2023-07-13T09:15:09.660Z
- Modified
- 2026-03-13T11:32:31.076554Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
- Summary
- [none]
- Details
-
JavaScript pre-processing can be used by the attacker to gain access to the file system (read-only access on behalf of user "zabbix") on the Zabbix Server or Zabbix Proxy, potentially leading to unauthorized access to sensitive data.
- References
Affected packages
Git / github.com/zabbix/zabbix
Affected versions
6.*
6.0.0
6.0.1
6.0.10
6.0.10rc1
6.0.10rc2
6.0.11
6.0.11rc1
6.0.11rc2
6.0.12
6.0.12rc1
6.0.12rc2
6.0.13
6.0.13rc1
6.0.14
6.0.14rc1
6.0.14rc2
6.0.15
6.0.15rc1
6.0.15rc2
6.0.1rc1
6.0.1rc2
6.0.1rc3
6.0.1rc4
6.0.2
6.0.2rc1
6.0.3
6.0.3rc1
6.0.4
6.0.4rc1
6.0.5
6.0.5rc1
6.0.6
6.0.6rc1
6.0.7
6.0.7rc1
6.0.8
6.0.8rc1
6.0.8rc2
6.0.9
6.0.9rc1
6.0.9rc2
Database specific
unresolved_ranges
[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "5.0.33"
}
]
},
{
"events": [
{
"introduced": "6.4.0"
},
{
"last_affected": "6.4.1"
}
]
},
{
"events": [
{
"introduced": "6.4.3"
},
{
"last_affected": "6.4.4"
}
]
}
]
source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-29450.json"