3 matches found
Cross-site Scripting (XSS)
zoneminder:edge is vulnerable to cross site scripting XSS. As the form action on multiple views utilizes $SERVER'PHPSELF' insecurely, it mishandles any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...
CVE-2019-7329
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $SERVER'PHPSELF' insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...
CVE-2019-7329
Reflected Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $SERVER'PHPSELF' insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS...