Medium severity6.1NVD Advisory· Published Mar 3, 2017· Updated Jun 17, 2026
CVE-2016-10201
CVE-2016-10201
Description
Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*range: <=1.30.0
- (no CPE)range: <=1.30
Patches
Vulnerability mechanics
References
2- www.openwall.com/lists/oss-security/2017/02/05/1nvdExploitMailing List
- www.foxmole.com/advisories/foxmole-2016-07-05.txtnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.