CVE-2023-32725 Information

Description

The website configured in the URL widget will receive a session cookie when testing or executing scheduled reports. The received session cookie can then be used to access the frontend as the particular user.

Reference

https://support.zabbix.com/browse/ZBX-23854