Cross-site Scripting (XSS)

2021-09-3005:57:22

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

zoneminder

cross site scripting

validation

options.php

EPSS

0.001

Percentile

24.8%

JSON

zoneminder is vulnerable to Cross Site Scripting. The vulnerability exists due to a lack of validation in the view ‘options’ (options.php) for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value.

References

github.com/ZoneMinder/zoneminder/issues/2468

secdb.alpinelinux.org/edge/community.yaml

EPSS

0.001

Percentile

24.8%

JSON

Related for VERACODE:32307