4 matches found
Cross Site Scripting (XSS)
zoneminder:edge is vulnerable to Cross Site Scripting XSS. It exists in ZoneMinder, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'username' parameter value in the view user user.php because proper filtration is omitted...
CVE-2019-7348
Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'username' parameter value in the view user user.php because proper filtration is omitted...
Cross site scripting
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame frame.php because proper filtration is omitted...
Cross site scripting
Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'username' parameter value in the view user user.php because proper filtration is omitted...