3 matches found
CVE-2019-7344
Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filterName' aka Filter name value on the web page without applying any proper filtration...
CVE-2019-7344
Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filterName' aka Filter name value on the web page without applying any proper filtration...
CVE-2019-7344
ZoneMinder (up to version 1.32.3) is affected by a reflected XSS in the Filters page. The issue arises because the view prints the filter[Name] value directly without proper filtration, enabling an attacker to inject HTML/JavaScript that would execute in another user’s browser when viewing the Fi...