CVE-2025-27232 – Frontend arbitrary file read in oauth.authorize action

CVE ID : CVE-2025-27232

Published : Dec. 1, 2025, 1:16 p.m. | 1 hour, 9 minutes ago

Description : An authenticated Zabbix Super Admin can exploit the oauth.authorize action to read arbitrary files from the webserver leading to potential confidentiality loss.

Severity: 6.8 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2025-12106 – OpenVPN Heap Buffer Over-Read Vulnerability

CVE-2025-49643 – Frontend DoS vulnerability due to asymmetric resource consumption

CVE-2025-49642 – Agent builds for AIX vulnerable to library loading hijacking

CVE-2025-13296 – CSRF in Tekrom Technology’s T-Soft E-Commerce