CVE-2016-10742

MEDIUM6.1EPSS 0.39%

zabbix - security update

Published: 2/17/2019Modified: 4/28/2026

Description

Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.

Affected packages (3)

Debian/zabbixfrom 0, < 1:3.0.17+dfsg-1
Debian/zabbixfrom 0, < 1:2.2.23+dfsg-0+deb8u1
Debian/zabbixfrom 0, < 1:3.0.31+dfsg-0+deb9u1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM6.1	CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2016-10742