CVE-2019-7338
Published
CVSS v3
N/A
CVSS v2
4.3
MEDIUM
Affected
1
PROJECT
Description
Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'group' as it insecurely prints the 'Group Name' value on the web page without applying any proper filtration.
ZoneMinder is a free, open source Closed-circuit television software application developed for Linux which supports IP, USB and Analog cameras.
GitHub