Home

Awesome

cve-2022-23131

cve-2022-23131 zabbix-saml-bypass-exp

  1. replace [zbx_signed_session] to [cookie]
<img width="1384" alt="image-20220218164224691" src="https://user-images.githubusercontent.com/18260135/154678436-8dd97076-2c4b-459d-90f0-2f7dc36156ed.png">
  1. sign in with Single Sign-On (SAML)
<img width="1189" alt="image-20220218164332289" src="https://user-images.githubusercontent.com/18260135/154678517-634f3ab2-c9fc-43a4-9b12-e1f67b00ac57.png">

author: @random-robbie、@jweny and @Mr-xn
link: https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage