zoneminder:edge is vulnerable to cross site scripting (XSS). An attacker to execute HTML or JavaScript code via a vulnerable ‘Exportfile’ parameter value in the view download (download.php) because proper filtration is omitted.
CPE | Name | Operator | Version |
---|---|---|---|
zoneminder:edge | eq | 1.32.3-r3 | |
zoneminder:edge | eq | 1.32.3-r3 |