3 matches found
Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM : ZoneMinder vulnerabilities (USN-5889-1)
The remote Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5889-1 advisory. It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use th...
USN-5889-1: ZoneMinder vulnerabilities
It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...
CVE-2019-6777
CVE-2019-6777 affects ZoneMinder v1.32.3 with a reflected XSS in web/skins/classic/views/plugin.php reachable via zm/index.php?view=plugin pl parameter. Root cause: insufficient input sanitization for the pl parameter, allowing injection into reflected output. Impact per sources: partial confiden...