CVE-2024-43358

ZoneMinder is a free, open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the filter view via the filter[Id]. This vulnerability is fixed in 1.36.34 and 1.37.61.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*
cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*

History

04 Sep 2024, 21:41

Type Values Removed Values Added
First Time Zoneminder zoneminder
Zoneminder
References () https://github.com/ZoneMinder/zoneminder/commit/062cf568a33fb6a8604ec327b1de8bb2e0d1ff77 - () https://github.com/ZoneMinder/zoneminder/commit/062cf568a33fb6a8604ec327b1de8bb2e0d1ff77 - Patch
References () https://github.com/ZoneMinder/zoneminder/commit/4602cd0470a3b90b18bcc44b3c86d963872d1ba0 - () https://github.com/ZoneMinder/zoneminder/commit/4602cd0470a3b90b18bcc44b3c86d963872d1ba0 - Patch
References () https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-6rrw-66rf-6g5f - () https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-6rrw-66rf-6g5f - Vendor Advisory
CPE cpe:2.3:a:zoneminder:zoneminder:*:*:*:*:*:*:*:*

13 Aug 2024, 12:58

Type Values Removed Values Added
Summary
  • (es) ZoneMinder es una aplicación de software de televisión de circuito cerrado de código abierto y gratuita. ZoneMinder tiene una vulnerabilidad de cross site scripting en la vista de filtro a través del filtro [Id]. Esta vulnerabilidad se solucionó en 1.36.34 y 1.37.61.

12 Aug 2024, 21:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-12 21:15

Updated : 2024-09-04 21:41


NVD link : CVE-2024-43358

Mitre link : CVE-2024-43358

CVE.ORG link : CVE-2024-43358


JSON object : View

Products Affected

zoneminder

  • zoneminder
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')