1 results (0.016 seconds)
CVSS: 9.6EPSS: 0%CPEs: 10EXPL: 0
CVE-2023-32725 – Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.
https://notcve.org/view.php?id=CVE-2023-32725
The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user. El sitio web configurado en el widget de la URL recibirá una cookie de sesión al probar o ejecutar informes programados. La cookie de sesión recibida se puede utilizar para acceder a la interfaz como usuario particular. • https://support.zabbix.com/browse/ZBX-23854 • CWE-565: Reliance on Cookies without Validation and Integrity Checking •