Security Advisory

CVE-2024-36465

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-04-02 06:11:26

Last updated 2025-04-02 15:09:28

Assigner Zabbix

State PUBLISHED

Description

A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter.

← Browse all CVEs View on cve.org ↗