CVE-2022-40626: 
Zabbix Server vulnerability analysis and mitigation

A reflected Cross-Site Scripting (XSS) vulnerability was discovered in Zabbix Frontend, identified as CVE-2022-40626. The vulnerability was discovered on July 8, 2022, and affects Zabbix Frontend versions 6.0.0-6.0.6 and 6.2.0. The issue allows an unauthenticated user to create a malicious link containing reflected Javascript code within the backurl parameter, which can be sent to authenticated users (Zabbix Bug).

The vulnerability is classified as a CWE-79 (Cross-site Scripting) issue with a Medium severity rating. The vulnerability was introduced in version 6.0.0beta3 through two specific commits and was subsequently fixed in version 6.0.7rc1. The technical nature of the vulnerability involves the manipulation of the backurl parameter in the Zabbix Frontend, allowing for the injection of malicious JavaScript code (Debian Tracker).

When exploited, the vulnerability allows attackers to create fake accounts with predefined login credentials and roles in the Zabbix Frontend. This is particularly concerning when the malicious link is accessed by users with privileged rights, such as Zabbix Super Admin users (Zabbix Bug).

The vulnerability has been fixed in Zabbix Frontend versions 6.0.7rc1, 6.2.1rc1, and later. If immediate updates are not possible, administrators should review user access rights to the Zabbix Frontend and advise users to be cautious of browser warnings and suspicious links containing special symbols that lead to the Zabbix Frontend (Zabbix Bug).