Vulnerabilities > Zabbix > Zabbix Server > High

DATE CVE VULNERABILITY TITLE RISK
2023-12-18 CVE-2023-32725 Reliance on Cookies without Validation and Integrity Checking vulnerability in Zabbix Frontend and Zabbix Server
The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports.
network
low complexity
zabbix CWE-565
8.8
2023-12-18 CVE-2023-32727 Improper Input Validation vulnerability in Zabbix Server 6.0.22/6.4.7/7.0.0
An attacker who has the privilege to configure Zabbix items can use function icmpping() with additional malicious command inside it to execute arbitrary code on the current Zabbix server.
network
low complexity
zabbix CWE-20
7.2