CVE-2019-7335
Published
CVSS v3
N/A
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Log Message' value on the web page without applying any proper filtration. This relates to the view=logs value.
ZoneMinder is a free, open source Closed-circuit television software application developed for Linux which supports IP, USB and Analog cameras.
GitHub