5 matches found
CVE-2019-7340
POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterQueryterms0val' parameter value in the view filter filter.php because proper filtration is omitted...
CVE-2019-7340
POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterQueryterms0val' parameter value in the view filter filter.php because proper filtration is omitted...
CVE-2019-7340
POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterQueryterms0val' parameter value in the view filter filter.php because proper filtration is omitted...
CVE-2019-7340
POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterQueryterms0val' parameter value in the view filter filter.php because proper filtration is omitted...
CVE-2019-7340
CVE-2019-7340 affects ZoneMinder up to version 1.32.3. The vulnerability is a cross-site scripting (XSS) flaw in the view filter (filter.php) where the parameter filter[Query][terms][0][val] is not properly filtered, allowing an attacker to inject HTML/JavaScript. Root cause: insufficient input f...