Lucene search
PRIOn knowledge basePRION:CVE-2019-7336HistoryFeb 04, 2019 - 7:29 p.m.
Cross site scripting
2019-02-0419:29:00
PRIOn knowledge base
www.prio-n.com
2
0.001 Low
EPSS
Percentile
34.1%
Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zoneminder | le | 1.32.3 |
Related
ubuntucve
ubuntucve
CVE-2019-7336
2019-02-04 00:00:00
cvelist
cvelist
CVE-2019-7336
2022-10-03 16:19:30
nvd
nvd
CVE-2019-7336
2019-02-04 19:29:00
debiancve
debiancve
CVE-2019-7336
2022-10-03 16:19:30
veracode
veracode
Cross-site Scripting (XSS)
2021-09-30 05:56:40
cve
cve
CVE-2019-7336
2022-10-03 16:19:30
alpinelinux
alpinelinux
CVE-2019-7336
2022-10-03 16:19:30
cnvd
cnvd
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57828)
2022-04-01 00:00:00
osv
osv
CVE-2019-7336
2019-02-04 19:29:00
openvas
openvas
ZoneMinder < 1.34.0 Multiple Vulnerabilities
2019-02-05 00:00:00