Zabbix 5.0.25

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:zabbix:zabbix:5.0.25:-:*:*:*:*:*:*

part: a version: 5.0.25 update: -

VendorZabbix (8857f8ff-2020-5e62-b9b7-687960752062)
ProductZabbix (ff27d8f3-5575-5d69-ac0d-7d8e9faa4e83)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from NVD CPE 2.0 feed

PURL mappings

PURLSourceLast updated
pkg:docker/zabbix/zabbix-agent purl2cpe 2026-06-01 10:13:01.956261
pkg:github/zabbix/zabbix purl2cpe 2026-06-01 10:13:01.956262
pkg:rpm/fedora/zabbix purl2cpe 2026-06-01 10:13:01.956264
pkg:rpm/opensuse/zabbix purl2cpe 2026-06-01 10:13:01.956265
pkg:zabbix/zbx/zabbix purl2cpe 2026-06-01 10:13:01.956266

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-35230 vulnerable 2026-06-08 05:46:04.313650 Reflected XSS in graphs page of Zabbix Frontend
LOW (3.7)
An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.
Published: 2022-07-06T11:05:14.025Z
Updated: 2025-11-03T21:46:24.403Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2022-35229 vulnerable 2026-06-08 05:46:04.312968 Reflected XSS in discovery page of Zabbix Frontend
LOW (3.7)
An authenticated user can create a link with reflected Javascript code inside it for the discovery page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.
Published: 2022-07-06T11:05:12.493Z
Updated: 2025-11-03T21:46:22.936Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.