Frontend

This hub aggregates every CVE we track for Frontend, a product in the enterprise software space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Frontend.

• CVE-2025-49643Frontend DoS vulnerability due to asymmetric resource consumption6.5Dec 1, 2025
• CVE-2025-27232Frontend arbitrary file read in oauth.authorize action4.9Dec 1, 2025
• CVE-2025-64758@dependencytrack/frontend Vulnerable to Persistent Cross-Site-Scripting via Welcome Message4.8Nov 17, 2025
• CVE-2023-32725Leak of zbx_session cookie when using a scheduled report that includes a dashboard with a URL widget.9.6Dec 18, 2023
• CVE-2023-30958DOM XSS in Developer mode dashboard via redirect GET parameter4.7Aug 3, 2023
• CVE-2023-29457Insufficient validation of Action form input fields6.3Jul 13, 2023
• CVE-2023-29456Inefficient URL schema validation5.7Jul 13, 2023
• CVE-2023-29455Reflected XSS in several fields of graph form5.4Jul 13, 2023
• CVE-2023-29454Persistent XSS in the user form5.4Jul 13, 2023
• CVE-2022-43515X-Forwarded-For header is active by default causes access to Zabbix sites in maintenance mode5.3Dec 12, 2022
• CVE-2022-39350@dependencytrack/frontend vulnerable to Persistent Cross-Site-Scripting via Vulnerability Details5.4Oct 25, 2022
• CVE-2022-40626Reflected XSS in the backurl parameter of Zabbix Frontend4.8Sep 14, 2022
• CVE-2022-35230Reflected XSS in graphs page of Zabbix Frontend3.7Jul 6, 2022
• CVE-2022-35229Reflected XSS in discovery page of Zabbix Frontend3.7Jul 6, 2022
• CVE-2022-24919Reflected XSS in graph configuration window of Zabbix Frontend3.7Mar 9, 2022