Unrated severityNVD Advisory· Published Nov 15, 2022· Updated Apr 30, 2025
CVE-2022-30768
CVE-2022-30768
Description
A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows an attacker to execute HTML or JavaScript code via the Username field when an Admin (or non-Admin users that can see other users logged into the platform) clicks on Logout. NOTE: this exists in later versions than CVE-2019-7348 and requires a different attack method.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: 1.36.12
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.