CVE-2022-24918: 
Zabbix Server vulnerability analysis and mitigation

CVE-2022-24918 is a reflected XSS vulnerability discovered in the Zabbix Frontend that affects versions 5.0.0-5.0.20, 5.4.0-5.4.10, and 6.0. The vulnerability was disclosed in February 2022 and allows an authenticated user to create a link containing reflected JavaScript code for the items' page and send it to other users (Zabbix Support).

The vulnerability is classified as a reflected Cross-Site Scripting (XSS) issue with a CVSS score of 3.7, indicating Low severity. The exploitation requires a known CSRF token value of the victim, which is periodically changed and difficult to predict. When successfully exploited, the malicious code gains access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim (Zabbix Support).

When successfully exploited, the vulnerability allows malicious code to access all objects available to the web page and make arbitrary modifications to the contents displayed to the victim during social engineering attacks. The attack requires social engineering and several factors to align, including authorized access to the Zabbix Frontend, network connectivity between the malicious server and victim's computer, understanding of the attacked infrastructure, and victim's trust (Zabbix Support).

The vulnerability has been fixed in versions 5.0.21rc1, 5.4.11rc1, and 6.0.1rc1. If immediate updates are not possible, administrators should review user access rights to the Zabbix Frontend, be attentive to browser warnings, and carefully check any links received via email or other communication channels that lead to the items page of Zabbix Frontend, especially those containing suspicious parameters with special symbols (Zabbix Support, Fedora Update).