CVE-2011-3264 Information

Description

Zabbix before 1.8.6 allows remote attackers to obtain sensitive information via an invalid srcfld2 parameter to popup.php which reveals the installation path in an error message.

Reference

http://www.zabbix.com/rn1.8.6.php https://exchange.xforce.ibmcloud.com/vulnerabilities/69377 https://support.zabbix.com/browse/ZBX-3840