Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:32314
HistorySep 30, 2021 - 6:25 a.m.

Cross-site Scripting (XSS)

2021-09-3006:25:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8

0.001 Low

EPSS

Percentile

21.5%

zoneminder is vulnerable to cross-site scripting. An attacker is able to execute HTML or javascript via web/skins/classic/views/zones.php via a crafted Zone NAME to the index.php?view=zones&action;=zoneImage∣=1 URI.