DEBIAN-CVE-2019-7336

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view monitorfilters.php contains takes in input from the user and saves it into the session, and retrieves it later insecurely. The values of the MonitorName and Source parameters are being displayed without any...

UBUNTU-CVE-2019-7336

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view monitorfilters.php contains takes in input from the user and saves it into the session, and retrieves it later insecurely. The values of the MonitorName and Source parameters are being displayed without any...

UBUNTU-CVE-2016-10203

Cross-site scripting XSS vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the name when creating a new monitor...

New Relic: Html injection in monitor name textbox

Hello guys, Details: Encoded image tag via HTML-Encoding is executed in Monitot failed email Payload: Plain text: Encoded: PoC: F100855 Remediation: Before sending an email - make sanitization / filtering / encoding of whole special characters. If you have any question, plz let me know Thanks, St...

New Relic: Html injection in monitor name textbox

payload in monitor name textbox : image tag is executed in Monitot failed email fix : Need to done secure parse encode in monitor name textbox to prevent html injection in email...