A CSRF check issue exists in ZoneMinder up to and including 1.32.3 as whenever a CSRF check fails, a callback function is called displaying a "Try again" button, which allows resending the failed request, making the CSRF attack successful.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zoneminder zoneminder |