Zabbix 5.0.25 Release Candidate 1
Approved changes feed: RSS · Atom
cpe:2.3:a:zabbix:zabbix:5.0.25:rc1:*:*:*:*:*:*
part: a version: 5.0.25 update: rc1
| Vendor | Zabbix (8857f8ff-2020-5e62-b9b7-687960752062) |
|---|---|
| Product | Zabbix (ff27d8f3-5575-5d69-ac0d-7d8e9faa4e83) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
pkg:docker/zabbix/zabbix-agent |
purl2cpe | 2026-06-01 10:13:01.956268 |
pkg:github/zabbix/zabbix |
purl2cpe | 2026-06-01 10:13:01.956269 |
pkg:rpm/fedora/zabbix |
purl2cpe | 2026-06-01 10:13:01.956270 |
pkg:rpm/opensuse/zabbix |
purl2cpe | 2026-06-01 10:13:01.956272 |
pkg:zabbix/zbx/zabbix |
purl2cpe | 2026-06-01 10:13:01.956273 |
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2022-35230 |
vulnerable | 2026-06-08 05:46:04.315119 |
Reflected XSS in graphs page of Zabbix Frontend
LOW (3.7)
An authenticated user can create a link with reflected Javascript code inside it for the graphs page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict.
Published: 2022-07-06T11:05:14.025Z
Updated: 2025-11-03T21:46:24.403Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.