Lucene search

CVE-2019-7328

🗓️ 04 Feb 2019 19:00:29Reported by mitreType

cve🔗 web.nvd.nist.gov👁 67 Views🌐 WEB

Reflected XSS in ZoneMinder 1.32.3 allows HTML/JS execution via 'scale' parameter in frame.php

Reporter	Title	Published	Views	Family All 14
OSV	CVE-2019-7328	4 Feb 201919:29	–	osv
OSV	zoneminder vulnerabilities	27 Feb 202311:46	–	osv
NVD	CVE-2019-7328	4 Feb 201919:29	–	nvd
Debian CVE	CVE-2019-7328	4 Feb 201919:29	–	debiancve
AlpineLinux	CVE-2019-7328	4 Feb 201919:29	–	alpinelinux
Prion	Cross site scripting	4 Feb 201919:29	–	prion
UbuntuCve	CVE-2019-7328	4 Feb 201900:00	–	ubuntucve
Veracode	Cross-site Scripting (XSS)	30 Sep 202105:52	–	veracode
Cvelist	CVE-2019-7328	4 Feb 201919:00	–	cvelist
CNVD	ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57841)	1 Apr 202200:00	–	cnvd

Nvd

Node

zoneminder zoneminderRange≤1.32.3

Source	Link
github	www.github.com/ZoneMinder/zoneminder/issues/2449

Parameter	Position	Path	Description	CWE
scale	query param	/js/frame.js.php	ZoneMinder allows XSS via the scale parameter in frame.php.	CWE-79

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Feb 2019 19:29Current

5.9Medium risk

Vulners AI Score5.9

CVSS24.3

CVSS36.1

EPSS0.00128

CWE-79