A recent security scan of our environment uncovered jQuery UI version 1.12.1, which is apparently vulnerable, documented at CVE-2021-41184. I've dug around the zabbix git and support sites and can't find any comment on if it's an issue or not. The closest I found was an update in I beleive 2010 or 2012 about Zabbix not using the vulnerable calls, but can't find anything much newer than that. Just wondering if anyone else has come across this?

FWIW I opened something on support.zabbix.com at https://support.zabbix.com/browse/ZBX-21403

It was found on a 4.0.17 install but I couldn’t find it updated even at the latest 6.0 version.