zoneminder is vulnerable to Cross Site Scripting. The vulnerability exists due to a lack of validation of the function sortHeader() in functions.php which insecurely returns the value of the limit query string parameter without applying any filtration.
CPE | Name | Operator | Version |
---|---|---|---|
zoneminder:edge | eq | 1.32.3-r3 | |
zoneminder:edge | eq | 1.32.3-r3 |