The researcher is showing that due to the way the SNMP trap log is parsed, an attacker can craft an SNMP trap with additional lines of information and have forged data show in the Zabbix UI. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In the src/libs/zbxembed/browser.c file, the es_browser_ctor method retrieves a heap pointer from the Duktape JavaScript engine. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
The webdriver for the Browser object expects an error object to be initialized when the webdriver_session_query function fails. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.
When exporting media types, the password is exported in the YAML in plain text. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
The researcher is showing that it is possible to leak a small amount of Zabbix Server memory using an out of bounds read in src/libs/zbxmedia/email.c. Rated low severity (CVSS 2.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.