Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows an attacker to execute HTML or JavaScript code via the Username field when an Admin (or non-Admin users that can see other users logged into the platform) clicks on Logout. NOTE: this exists in later versions than CVE-2019-7348 and requires a different attack method.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ZoneMinder 跨站脚本漏洞
Vulnerability Description
ZoneMinder是一套开源的视频监控软件系统。该系统支持IP、USB和模拟摄像机等。 ZoneMinder 1.36.12版本存在安全漏洞,该漏洞源于含有存储型跨站脚本(XSS)问题,允许攻击者在管理员(或可以看到其他用户登录平台的非管理员用户)单击注销时通过用户名字段执行HTML或JavaScript代码。
CVSS Information
N/A
Vulnerability Type
N/A