VYPR
Unrated severityOSV Advisory· Published Feb 4, 2019· Updated Sep 17, 2024

CVE-2019-7335

CVE-2019-7335

Description

Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Log Message' value on the web page without applying any proper filtration. This relates to the view=logs value.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Zoneminder/ZoneminderOSV2 versions
    1.32.3, v1.25, v1.26.0, …+ 1 more
    • (no CPE)range: 1.32.3, v1.25, v1.26.0, …
    • (no CPE)range: <=1.32.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.