CVE-2023-32721

See a problem?

Source

https://nvd.nist.gov/vuln/detail/CVE-2023-32721

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-32721.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2023-32721

Related

Published

2023-10-12T07:15:09Z

Modified

2024-10-03T19:55:24.101692Z

Severity

5.4 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.

References

Affected packages

Debian:11 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:5.0.44+dfsg-1+deb11u1

Affected versions

1:5.*

1:5.0.8+dfsg-1

1:5.0.14+dfsg-1~bpo11+1

1:5.0.14+dfsg-1

1:5.0.17+dfsg-1~bpo11+1

1:5.0.17+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

1:6.0.23+dfsg-1

1:6.0.24+dfsg-1

1:6.0.25+dfsg-1

1:6.0.29+dfsg-1

1:7.*

1:7.0.0+dfsg-1

1:7.0.0+dfsg-2~bpo12+1

1:7.0.0+dfsg-2

1:7.0.1+dfsg-1~bpo12+1

1:7.0.1+dfsg-1

1:7.0.2+dfsg-1~bpo12+1

1:7.0.2+dfsg-1

1:7.0.3+dfsg-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / zabbix

Package

Name: zabbix
Purl: pkg:deb/debian/zabbix?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:6.0.23+dfsg-1

Affected versions

1:6.*

1:6.0.14+dfsg-1

1:6.0.23+dfsg-1~bpo12+1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/zabbix/zabbix

Affected ranges

Type: GIT
Repo: https://github.com/zabbix/zabbix
Events: Introduced

5b2736b602752c06bdab21057103032961cdf2b8

Last affected

6084b1dbbbaaeafe380f3ca16a3678962cf35e29

Last affected

72e3519b849b54011cc7792669fbcc629eb502c9

Last affected

8880b5094a533ea929452b4aebf021914df01eb8

Last affected

aef542ad8aef472874199012f9b2350db16dc7ee

Introduced

5203d2ea7d901cd33d148f20586e2155901a7faa

Last affected

b60e269feb4d3129744eed5162e72d509d348864

Introduced

9665d62db0e4b40f8fadbcf830e06530a0cc6935

Last affected

bc56b947960686f807fc35588a41df3c3ff206b8

Affected versions

5.*

5.0.0

5.0.1

5.0.10

5.0.10rc1

5.0.11

5.0.11rc1

5.0.12

5.0.12rc1

5.0.13

5.0.13rc1

5.0.14

5.0.14rc1

5.0.15

5.0.15rc1

5.0.16

5.0.16rc1

5.0.16rc2

5.0.17

5.0.17rc1

5.0.18

5.0.18rc1

5.0.19

5.0.19rc1

5.0.19rc2

5.0.1rc1

5.0.2

5.0.20

5.0.20rc1

5.0.21

5.0.21rc1

5.0.22

5.0.22rc1

5.0.23

5.0.23rc1

5.0.24

5.0.24rc1

5.0.25

5.0.25rc1

5.0.26

5.0.26rc1

5.0.27

5.0.27rc1

5.0.28

5.0.28rc1

5.0.29

5.0.29rc1

5.0.29rc2

5.0.2rc1

5.0.3

5.0.3.rc2

5.0.30

5.0.30rc1

5.0.31

5.0.31rc1

5.0.31rc2

5.0.32

5.0.32rc1

5.0.32rc2

5.0.33

5.0.33rc1

5.0.34

5.0.34rc1

5.0.35

5.0.35rc1

5.0.36

5.0.36rc1

5.0.3rc1

5.0.3rc2

5.0.4

5.0.4rc1

5.0.5

5.0.5rc1

5.0.6

5.0.6rc1

5.0.7

5.0.7rc1

5.0.8

5.0.8rc1

5.0.9

5.0.9rc1

5.0.9rc2

6.*

6.0.0

6.0.1

6.0.10

6.0.10rc1

6.0.10rc2

6.0.11

6.0.11rc1

6.0.11rc2

6.0.12

6.0.12rc1

6.0.12rc2

6.0.13

6.0.13rc1

6.0.14

6.0.14rc1

6.0.14rc2

6.0.15

6.0.15rc1

6.0.15rc2

6.0.16

6.0.16rc1

6.0.17

6.0.17rc1

6.0.17rc2

6.0.18

6.0.18rc1

6.0.19

6.0.19rc1

6.0.1rc1

6.0.1rc2

6.0.1rc3

6.0.1rc4

6.0.2

6.0.20

6.0.20rc1

6.0.2rc1

6.0.3

6.0.3rc1

6.0.4

6.0.4rc1

6.0.5

6.0.5rc1

6.0.6

6.0.6rc1

6.0.7

6.0.7rc1

6.0.8

6.0.8rc1

6.0.8rc2

6.0.9

6.0.9rc1

6.0.9rc2

6.4.0

6.4.1

6.4.1rc1

6.4.1rc2

6.4.2

6.4.2rc1

6.4.2rc2

6.4.3

6.4.3rc1

6.4.4

6.4.4rc1

6.4.5

6.4.5rc1

7.*

7.0.0alpha1

7.0.0alpha2