Cross-site Scripting (XSS)

2021-09-3005:56:40

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

zoneminder cross-site scripting software vulnerability validation export parameter

EPSS

0.001

Percentile

37.8%

JSON

zoneminder is vulnerable to Cross Site Scripting. The vulnerability exists due to a lack of validation of the ‘Exportfile’ parameter value in the view export (export.php).

References

github.com/ZoneMinder/zoneminder/issues/2443

secdb.alpinelinux.org/edge/community.yaml

EPSS

0.001

Percentile

37.8%

JSON

Related for VERACODE:32297