4 matches found
ZoneMinder cross-site scripting vulnerability (CNVD-2019-04691)
ZoneMinder is an open source video surveillance software system. The system supports IP, USB and analog cameras and more. ZoneMinder1.32.3 and previous versions of the web/skins/classic/views/zones.php file there is a cross-site scripting vulnerability , an attacker can send a specially crafted...
UBUNTU-CVE-2019-6990
A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI...
DEBIAN-CVE-2019-6990
A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI...
PT-2019-18402 · Zoneminder +3 · Zoneminder +3
Name of the Vulnerable Software and Affected Versions: ZoneMinder versions prior to 1.32.3 Description: A stored-self XSS issue exists, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the "index.php?view=zones&action=zoneImage&mid=1" URI...