ZoneMinder is an open source video surveillance software system. ZoneMinder 1.32.3 and earlier versions have a cross-site scripting vulnerability that stems from the fact that the program is not properly filtered and can be exploited by remote attackers to execute arbitrary HTML or JavaScript code with the ‘scale’ parameter. JavaScript code with the ‘scale’ parameter.