XSS vulnerability in filter view
CVE-2024-43358
6.1MEDIUM
What is CVE-2024-43358?
ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61.
Affected Version(s)
zoneminder < 1.36.34 < 1.36.34
zoneminder >= 1.37.0, < 1.37.61 < 1.37.0, 1.37.61
References
CVSS V3.1
Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed
Timeline
Vulnerability published