Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 while editing an existing monitor field named "signal check color" (monitor.php). There exists no input validation or output filtration, leaving it vulnerable to HTML Injection and an XSS attack.
References
Link | Resource |
---|---|
https://github.com/ZoneMinder/zoneminder/issues/2451 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-10-03T16:19:29
Updated: 2022-10-03T16:19:29
Reserved: 2022-10-03T00:00:00
Link: CVE-2019-7331
JSON object: View
NVD Information
Status : Analyzed
Published: 2019-02-04T19:29:00.647
Modified: 2019-02-05T13:42:16.057
Link: CVE-2019-7331
JSON object: View
Redhat Information
No data.
CWE