Cross-site Scripting (XSS)

2021-09-3005:58:25

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

zoneminder vulnerability html javascript

EPSS

0.001

Percentile

37.8%

JSON

zoneminder is vulnerable to cross-site scripting. The vulnerability exists due to a lack of input validation to the value supplied to the ‘New State’ (aka newState) field, allowing an attacker to execute HTML or JavaScript code.

References

github.com/ZoneMinder/zoneminder/issues/2475

secdb.alpinelinux.org/edge/community.yaml

EPSS

0.001

Percentile

37.8%

JSON

Related for VERACODE:32311