Candidate: CVE-2011-4615
PublicDate: 2011-12-29 22:55:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4615
 http://www.zabbix.com/rn1.8.10rc1.php
 https://support.zabbix.com/browse/ZBX-4015
Description:
 Multiple cross-site scripting (XSS) vulnerabilities in Zabbix before 1.8.10
 allow remote attackers to inject arbitrary web script or HTML via the gname
 parameter (aka host groups name) to (1) hostgroups.php and (2)
 usergrps.php, the update action to (3) hosts.php and (4) scripts.php, and
 (5) maintenance.php.
Ubuntu-Description:
Notes:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=768525
Priority: medium
Discovered-by:
Assigned-to:
CVSS: 

Patches_zabbix:
upstream_zabbix: released (1.8.10)
hardy_zabbix: ignored (reached end-of-life)
lucid_zabbix: ignored (reached end-of-life)
maverick_zabbix: ignored (reached end-of-life)
natty_zabbix: ignored (reached end-of-life)
oneiric_zabbix: ignored (reached end-of-life)
precise_zabbix: not-affected (1:1.8.10-1)
quantal_zabbix: not-affected (1:1.8.10-1)
raring_zabbix: not-affected (1:1.8.10-1)
saucy_zabbix: not-affected (1:1.8.10-1)
devel_zabbix: not-affected (1:1.8.10-1)