Unrated severityOSV Advisory· Published Jan 28, 2019· Updated Sep 16, 2024
CVE-2019-6990
CVE-2019-6990
Description
A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
21.32.3, v1.25, v1.26.0, …+ 1 more
- (no CPE)range: 1.32.3, v1.25, v1.26.0, …
- (no CPE)range: <=1.32.3
Patches
Vulnerability mechanics
References
2- github.com/ZoneMinder/zoneminder/commit/a3e8fd4fd5b579865f35aac3b964bc78d5b7a94amitrex_refsource_MISC
- github.com/ZoneMinder/zoneminder/issues/2444mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.