Lucene search
China National Vulnerability DatabaseCNVD-2022-57822HistoryApr 01, 2022 - 12:00 a.m.
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57822)
2022-04-0100:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
24.9%
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras, etc. A cross-site scripting vulnerability exists in ZoneMinder 1.32.3 and earlier versions, which stems from the events.php file displaying the ‘limit’ parameter value without arbitrary output filtering, which can be exploited by remote attackers to execute scripts in the browser used to browser to execute scripts.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zoneminder zoneminder | le | 1.32.3 |
Related
cve
cve
CVE-2019-7337
2022-10-03 16:19:29
debiancve
debiancve
CVE-2019-7337
2022-10-03 16:19:29
nvd
nvd
CVE-2019-7337
2019-02-04 19:29:00
ubuntucve
ubuntucve
CVE-2019-7337
2019-02-04 00:00:00
alpinelinux
alpinelinux
CVE-2019-7337
2022-10-03 16:19:29
veracode
veracode
Cross-site Scripting (XSS)
2021-09-30 05:56:36
prion
prion
Cross site scripting
2019-02-04 19:29:00
osv
osv
CVE-2019-7337
2019-02-04 19:29:00
cvelist
cvelist
CVE-2019-7337
2022-10-03 16:19:29
openvas
openvas
ZoneMinder < 1.34.0 Multiple Vulnerabilities
2019-02-05 00:00:00