Reflected XSS exists in ZoneMinder up to and including 1.32.3, allowing an malicious user to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on the web page without applying any proper filtration.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zoneminder zoneminder |