3 matches found
CVE-2019-7342
ZoneMinder ≤ 1.32.3 is affected by a Cross-Site Scripting (XSS) vulnerability in the view filter (filter.php). The issue stems from improper filtration of the filter[AutoExecuteCmd] parameter, allowing an attacker to inject HTML or JavaScript. Impact is attacker-controlled code execution in the b...
CVE-2019-7342
POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterAutoExecuteCmd' parameter value in the view filter filter.php because proper filtration is omitted...
CVE-2019-7342
POST - Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filterAutoExecuteCmd' parameter value in the view filter filter.php because proper filtration is omitted...