ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability that stems from the fact that the program is not properly filtered and can be exploited by remote attackers with the ‘newMonitor[Method]’ parameter to execute HTML or JavaScript code with the ‘newMonitor[Method]’ parameter.