ZoneMinder XSS Vulnerability Allows Remote Code Execution and Sensitive Information Theft
CVE-2020-25730
Currently unrated
What is CVE-2020-25730?
A Cross Site Scripting (XSS) vulnerability exists in ZoneMinder, specifically affecting versions prior to 1.34.21. This vulnerability allows remote attackers to manipulate input in the PHP_SELF component of the classic/views/download.php file. By exploiting this flaw, attackers can execute arbitrary code and escalate privileges, potentially leading to unauthorized access to sensitive information stored within the application.
Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.
Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.