6 matches found
Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM : ZoneMinder vulnerabilities (USN-5889-1)
The remote Ubuntu 16.04 ESM / 20.04 ESM / 22.04 ESM host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-5889-1 advisory. It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use th...
USN-5889-1: ZoneMinder vulnerabilities
It was discovered that ZoneMinder was not properly sanitizing URL parameters for certain views. An attacker could possibly use this issue to perform a cross-site scripting XSS attack. This issue was only fixed in Ubuntu 16.04 ESM. CVE-2019-6777 It was discovered that ZoneMinder was not properly...
CVE-2019-7332
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' aka Event ID parameter value in the view download download.php because proper filtration is omitted...
CVE-2019-7332
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' aka Event ID parameter value in the view download download.php because proper filtration is omitted...
CVE-2019-7332
CVE-2019-7332 is a reflected XSS in ZoneMinder up to version 1.32.3. The vulnerability arises from improper filtration of the eid parameter in download.php, allowing an attacker to inject HTML/JavaScript. Connected sources corroborate ZoneMinder XSS via URL parameters and note affected versions (
CVE-2019-7332
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' aka Event ID parameter value in the view download download.php because proper filtration is omitted...