Lucene search
Veracode Vulnerability DatabaseVERACODE:32308HistorySep 30, 2021 - 5:57 a.m.
Cross-Site Request Forgery (CSRF)
2021-09-3005:57:23
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
4
0.001 Low
EPSS
Percentile
43.5%
ZoneMinder is vulnerable to cross-site request forgery. Whenever a CSRF check fails, a callback function is called displaying a “Try again” button, which allows resending the failed request, making the CSRF attack successful.
| CPE | Name | Operator | Version |
|---|---|---|---|
| zoneminder:edge | eq | 1.32.3-r3 | |
| zoneminder:edge | eq | 1.32.3-r3 |
Related
alpinelinux
alpinelinux
CVE-2019-7346
2022-10-03 16:19:30
cnvd
cnvd
ZoneMinder Cross-Site Request Forgery Vulnerability (CNVD-2022-57808)
2022-04-01 00:00:00
cvelist
cvelist
CVE-2019-7346
2022-10-03 16:19:30
osv
osv
CVE-2019-7346
2019-02-04 19:29:01
ubuntucve
ubuntucve
CVE-2019-7346
2019-02-04 00:00:00
cve
cve
CVE-2019-7346
2022-10-03 16:19:30
debiancve
debiancve
CVE-2019-7346
2022-10-03 16:19:30
prion
prion
Cross site request forgery (csrf)
2019-02-04 19:29:00
nvd
nvd
CVE-2019-7346
2019-02-04 19:29:01
openvas
openvas
ZoneMinder < 1.34.0 Multiple Vulnerabilities
2019-02-05 00:00:00