CVE-2019-7329

CVE-2019-7329

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER[‘PHP_SELF’] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS.

Source: CVE-2019-7329

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다