SecuritySpace - CVE-2019-7329

Vulnerability Search		Search 324607 CVE descriptions and 146377 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2019-7329

Description: Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2019-7329
https://github.com/ZoneMinder/zoneminder/issues/2446

CVE ID:	CVE-2019-7329
Description:	Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2019-7329 https://github.com/ZoneMinder/zoneminder/issues/2446