Lucene search
Veracode Vulnerability DatabaseVERACODE:32293HistorySep 30, 2021 - 5:56 a.m.
Cross-site Scripting (XSS)
2021-09-3005:56:36
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
0.001 Low
EPSS
Percentile
24.9%
zoneminder is vulnerable to Cross Site Scripting. The vulnerability exists due to a lack of validation of the function sortHeader() in functions.php which insecurely returns the value of the limit query string parameter without applying any filtration.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zoneminder:edge | eq | 1.32.3-r3 | |
| zoneminder:edge | eq | 1.32.3-r3 |
Related
cve
cve
CVE-2019-7337
2022-10-03 16:19:29
cnvd
cnvd
ZoneMinder Cross-Site Scripting Vulnerability (CNVD-2022-57822)
2022-04-01 00:00:00
debiancve
debiancve
CVE-2019-7337
2022-10-03 16:19:29
nvd
nvd
CVE-2019-7337
2019-02-04 19:29:00
osv
osv
CVE-2019-7337
2019-02-04 19:29:00
cvelist
cvelist
CVE-2019-7337
2022-10-03 16:19:29
prion
prion
Cross site scripting
2019-02-04 19:29:00
ubuntucve
ubuntucve
CVE-2019-7337
2019-02-04 00:00:00
alpinelinux
alpinelinux
CVE-2019-7337
2022-10-03 16:19:29
openvas
openvas
ZoneMinder < 1.34.0 Multiple Vulnerabilities
2019-02-05 00:00:00