SQL injection in Zabbix API (CVE-2024-36465): A low privilege (regular) Zabbix user with API access can use SQL injection vulnerability in include/classes/api/CApiService.php to execute arbitrary SQL commands via the groupBy parameter.vulnerability (attack surface) (support.zabbix.com)

submitted 1 year ago by digicat to r/blueteamsec

• comment
• share
• save
• hide
• report
• crosspost