Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-7345

Опубликовано: 04 фев. 2019
Источник: nvd
CVSS3: 4.8
CVSS2: 3.5
EPSS Низкий

Описание

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*
Версия до 1.32.3 (включая)

EPSS

Процентиль: 46%
0.00235
Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

ubuntu логотип

CVE-2019-7345

CVSS3: 4.8
ubuntu
около 7 лет назад

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php.

debian логотип

CVE-2019-7345

CVSS3: 4.8
debian
около 7 лет назад

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through ...

github логотип

GHSA-qch8-8p57-v3gr

CVSS3: 4.8
github
больше 3 лет назад

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php.

EPSS

Процентиль: 46%
0.00235
Низкий

4.8 Medium

CVSS3

3.5 Low

CVSS2

Дефекты

CWE-79