A stored XSS has been found in the Zabbix web application in the Maps element if a URL field is set with spaces before URL.
2023-10-12T07:15:09.677
2025-11-03T22:16:21.797
Modified
CVSSv3.1: 7.6 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | zabbix | zabbix | ≤ 4.0.47 | Yes |
| Application | zabbix | zabbix | ≤ 5.0.36 | Yes |
| Application | zabbix | zabbix | ≤ 6.0.20 | Yes |
| Application | zabbix | zabbix | ≤ 6.4.5 | Yes |
| Application | zabbix | zabbix | 7.0.0 | Yes |
| Application | zabbix | zabbix | 7.0.0 | Yes |
| Application | zabbix | zabbix | 7.0.0 | Yes |