VYPR
Unrated severityOSV Advisory· Published Feb 4, 2019· Updated Sep 16, 2024

CVE-2019-7329

CVE-2019-7329

Description

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zoneminder/ZoneminderOSV2 versions
    1.32.3, v1.25, v1.26.0, …+ 1 more
    • (no CPE)range: 1.32.3, v1.25, v1.26.0, …
    • (no CPE)range: <=1.32.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.