VYPR
Unrated severityOSV Advisory· Published Jan 28, 2019· Updated Sep 16, 2024

CVE-2019-6990

CVE-2019-6990

Description

A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zoneminder/ZoneminderOSV2 versions
    1.32.3, v1.25, v1.26.0, …+ 1 more
    • (no CPE)range: 1.32.3, v1.25, v1.26.0, …
    • (no CPE)range: <=1.32.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.