Lucene search
Alpine Linux Development TeamALPINE:CVE-2019-7336HistoryFeb 04, 2019 - 7:29 p.m.
CVE-2019-7336
2019-02-0419:29:00
Alpine Linux Development Team
security.alpinelinux.org
16
0.001 Low
EPSS
Percentile
33.7%
Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | edge-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.15-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.16-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.17-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.18-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.19-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
| Alpine | 3.20-community | noarch | zoneminder | < 1.36.7-r0 | UNKNOWN |
Related
prion
prion
Cross site scripting
2019-02-04 19:29:00
cve
cve
CVE-2019-7336
2019-02-04 19:29:00
osv
osv
CVE-2019-7336
2019-02-04 19:29:00
cnvd
cnvd
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57828)
2022-04-01 00:00:00
cvelist
cvelist
CVE-2019-7336
2022-10-03 16:19:30
ubuntucve
ubuntucve
CVE-2019-7336
2019-02-04 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2021-09-30 05:56:40
debiancve
debiancve
CVE-2019-7336
2019-02-04 19:29:00
openvas
openvas
ZoneMinder < 1.34.0 Multiple Vulnerabilities
2019-02-05 00:00:00