XSS in Zoneminder
CVE-2024-43359
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval, speed, and scale parameters. This vulnerability is fixed in…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.004 (29.4th percentile) — read the EPSS interpretation.
Affected products
- Zoneminder — versions < 1.36.34, >= 1.37.0, < 1.37.61
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM, Third Party Advisory)
- security-advisories@github.com (Patch, x_refsource_MISC)
- security-advisories@github.com (Patch, x_refsource_MISC)