3 matches found
CVE-2022-30768
A Stored Cross Site Scripting XSS issue in ZoneMinder 1.36.12 allows an attacker to execute HTML or JavaScript code via the Username field when an Admin or non-Admin users that can see other users logged into the platform clicks on Logout. NOTE: this exists in later versions than CVE-2019-7348 an...
CVE-2022-30768
A Stored Cross Site Scripting XSS issue in ZoneMinder 1.36.12 allows an attacker to execute HTML or JavaScript code via the Username field when an Admin or non-Admin users that can see other users logged into the platform clicks on Logout. NOTE: this exists in later versions than CVE-2019-7348 an...
CVE-2022-30768
CVE-2022-30768 is a stored XSS in ZoneMinder 1.36.12 where an attacker can inject HTML/JavaScript via the Username field when an Admin (or user seeing others) clicks Logout. The issue is described across multiple sources as affecting ZoneMinder 1.36.12 and later with a different method than CVE-2...