CVE-2016-10201

Опубликовано: 03 мар. 2017

Источник: debian

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
zoneminder	fixed	1.30.4+dfsg-1		package
zoneminder	no-dsa		jessie	package
zoneminder	no-dsa		wheezy	package

EPSS

Процентиль: 51%

0.00275

Низкий

Связанные уязвимости

CVE-2016-10201

CVSS3: 6.1

ubuntu

почти 9 лет назад

Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php.

CVE-2016-10201

CVSS3: 6.1

nvd

почти 9 лет назад

Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php.

GHSA-456m-9wp2-mxg3

CVSS3: 6.1

github

больше 3 лет назад

Cross-site scripting (XSS) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to inject arbitrary web script or HTML via the format parameter in a download log request to index.php.

EPSS

Процентиль: 51%

0.00275

Низкий