CVE-2011-2904

Description

Cross-site scripting (XSS) vulnerability in acknow.php in Zabbix before 1.8.6 allows remote attackers to inject arbitrary web script or HTML via the backurl parameter.

Affected packages (1)

• Debian/zabbixfrom 0, < 1:1.8.6-1

References (1)

• ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2011-2904