CVE-2026-23928 - Stored XSS vulnerability in the Item history/Plain text widget
CVE ID :CVE-2026-23928 Published : May 6, 2026, 7 a.m. | 1 hour, 27 minutes ago Description :The Item history widget (in Zabbix 7.0+) or the Plain text widget (in Zabbix 6.0) can execute injected JavaScript when HTML display is enabled. This can allow an attacker to perform unauthorized action
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
- [CYBER] Palo Alto Networks warns of firewall RCE zero-day exploited in attacks
- [CYBER] Argo CD ServerSideDiff Flaw Allows Attackers to Extract Kubernetes Secrets
- [CYBER] EU cyber plan barring Chinese suppliers will cost US$430 billion: report
- [CYBER] Palo Alto Networks PAN-OS flaw exploited for remote code execution
- [CYBER] When the Platform Your School Trusts Gets Hacked, Who's Actually Responsible?