ZoneMinder 1.32.3 Vulnerability: Self-Stored XSS in 'Group Name' Field
CVE-2019-7338 · MEDIUM Severity
AV:N/AC:M/AU:N/C:N/I:P/A:N
Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'group' as it insecurely prints the 'Group Name' value on the web page without applying any proper filtration.
Learn more about our Web App Pen Testing.