EPSS
Percentile
45.4%
ZoneMinder is vulnerable to cross-site request forgery. Whenever a CSRF check fails, a callback function is called displaying a “Try again” button, which allows resending the failed request, making the CSRF attack successful.
github.com/ZoneMinder/zoneminder/issues/2469
secdb.alpinelinux.org/edge/community.yaml