Bug 1174253 (CVE-2020-15803)

Summary: VUL-0: CVE-2020-15803: zabbix: stored XSS in the URL Widget
Product: [Novell Products] SUSE Security Incidents Reporter: Alexandros Toptsoglou <atoptsoglou>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: boris, rfrohl, smash_bz, wolfgang.frisch
Version: unspecified   
Target Milestone: ---   
Hardware: Other   
OS: Other   
URL: https://smash.suse.de/issue/263917/
Whiteboard: CVSSv3.1:SUSE:CVE-2020-15803:6.3:(AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:H/A:N)
Found By: Security Response Team Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Alexandros Toptsoglou 2020-07-17 15:08:07 UTC 
CVE-2020-15803

Zabbix before 3.0.32rc1, 4.x before 4.0.22rc1, 4.1.x through 4.4.x before 4.4.10rc1, and 5.x before 5.0.2rc1 allows stored XSS in the URL Widget.

References:
https://support.zabbix.com/browse/ZBX-18057

References:
https://bugzilla.redhat.com/show_bug.cgi?id=1858258
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-15803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15803
https://support.zabbix.com/browse/ZBX-18057
Comment 2 Alexandros Toptsoglou 2020-07-17 15:10:46 UTC 
SLE12-SP3 both LEAP 15.1 and 15.2 and Factory tracked as affected
Comment 3 Boris Manojlovic 2020-07-18 21:58:40 UTC 
Updated packages for 
openSUSE_Leap 15.1 and 15.2
and for Backports_SLE-15-SP1 Backports_SLE-15-SP2
Comment 5 Robert Frohl 2020-07-22 11:57:34 UTC 
(In reply to Boris Manojlovic from comment #3)
> Updated packages for 
> openSUSE_Leap 15.1 and 15.2
> and for Backports_SLE-15-SP1 Backports_SLE-15-SP2

Sorry, but I had to decline the submission. We require boo# references for CVEs (and normal bugs) for submission.

Could you re-submit with the boo# reference added to the changes file. Just mention boo#1174253 somewhere in the changes entry and that would be sufficient.
Comment 6 Boris Manojlovic 2020-07-22 12:25:23 UTC 
added reference to this bug report
Comment 7 OBSbugzilla Bot 2020-07-22 13:00:06 UTC 
This is an autogenerated message for OBS integration:
This bug (1174253) was mentioned in
https://build.opensuse.org/request/show/822230 15.1+15.2+Backports:SLE-15-SP1+Backports:SLE-15-SP2 / zabbix
Comment 8 Swamp Workflow Management 2020-08-17 16:14:26 UTC 
SUSE-SU-2020:2251-1: An update that fixes one vulnerability is now available.

Category: security (moderate)
Bug References: 1174253
CVE References: CVE-2020-15803
JIRA References: 
Sources used:
SUSE Linux Enterprise Server 12-SP5 (src):    zabbix-4.0.12-4.7.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 9 Swamp Workflow Management 2020-10-04 10:14:17 UTC 
openSUSE-SU-2020:1604-1: An update that fixes two vulnerabilities is now available.

Category: security (moderate)
Bug References: 1174253
CVE References: CVE-2020-11800,CVE-2020-15803
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    zabbix-3.0.31-lp152.2.3.1
openSUSE Leap 15.1 (src):    zabbix-3.0.31-lp151.2.6.1
openSUSE Backports SLE-15-SP2 (src):    zabbix-3.0.31-bp152.2.3.1
openSUSE Backports SLE-15-SP1 (src):    zabbix-3.0.31-bp151.4.6.1
Comment 10 Wolfgang Frisch 2020-10-15 11:36:26 UTC 
Released.
Comment 11 Swamp Workflow Management 2022-02-16 14:19:41 UTC 
openSUSE-SU-2022:0036-1: An update that solves three vulnerabilities and has two fixes is now available.

Category: security (moderate)
Bug References: 1144018,1174253,1181400,1183014,1194681
CVE References: CVE-2020-15803,CVE-2021-27927,CVE-2022-23134
JIRA References: 
Sources used:
openSUSE Leap 15.3 (src):    zabbix-4.0.37-lp153.2.3.1