Zabbix: >> Frontend >> 7.0.0 Security Vulnerabilities
An authenticated Zabbix user (including Guest) is able to cause disproportionate CPU load on the webserver by sending specially crafted parameters to /imgstore.php, leading to potential denial of service.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-12-01
The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.
CVSS Score
9.6
EPSS Score
0.003
Published
2023-12-18