CVE-2019-7345

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php.

packagechannelchannel versionpkg versionstatus
zoneminder
nixos-19.03
2019-05-20 19:26:33 UTC (cdec62)1.32.3vulnerable
2019-05-19 05:45:38 UTC (705986)1.32.3vulnerable
2019-05-18 19:20:38 UTC (cff736)1.32.3vulnerable
2019-05-18 14:40:37 UTC (51cc0e)1.32.3vulnerable
2019-05-18 12:10:29 UTC (c86f09)1.32.3vulnerable
2019-05-16 07:25:27 UTC (c21f08)1.32.3vulnerable
2019-05-15 23:05:36 UTC (f5493b)1.32.3vulnerable
2019-05-14 10:50:48 UTC (7cd2e4)1.32.3vulnerable
2019-05-14 04:40:47 UTC (af657b)1.32.3vulnerable
2019-05-12 22:55:17 UTC (727e5b)1.32.3vulnerable
2019-05-12 18:15:28 UTC (c2570e)1.32.3vulnerable
2019-05-12 06:15:30 UTC (312a05)1.32.3vulnerable
2019-05-10 05:55:42 UTC (7bb74e)1.32.3vulnerable
2019-05-09 23:45:28 UTC (2ec36d)1.32.3vulnerable
2019-05-09 11:30:25 UTC (096e2f)1.32.3vulnerable
2019-05-08 07:05:44 UTC (aade6d)1.32.3vulnerable
2019-05-08 03:25:43 UTC (a04ef7)1.32.3vulnerable
2019-05-07 18:25:28 UTC (3e7300)1.32.3vulnerable
2019-05-07 12:25:52 UTC (2dcbd4)1.32.3vulnerable
2019-05-07 03:45:44 UTC (2df17e)1.32.3vulnerable
2019-05-06 22:45:43 UTC (8c6c85)1.32.3vulnerable
2019-05-06 19:05:39 UTC (6ec097)1.32.3vulnerable
2019-05-05 20:50:42 UTC (a177da)1.32.3vulnerable
2019-05-05 11:55:39 UTC (6e29f2)1.32.3vulnerable
2019-05-05 08:25:33 UTC (04954e)1.32.3vulnerable
2019-05-02 22:00:31 UTC (915ce0)1.32.3vulnerable
2019-05-02 14:05:46 UTC (2e6afa)1.32.3vulnerable
2019-05-02 10:40:42 UTC (b2b5c1)1.32.3vulnerable
2019-05-01 17:25:26 UTC (d740b2)1.32.3vulnerable
2019-04-30 23:15:17 UTC (6d7ed9)1.32.3vulnerable
2019-04-25 16:05:41 UTC (cf3e27)1.32.3vulnerable
2019-04-24 14:30:20 UTC (2f1eac)1.32.3vulnerable
2019-04-24 10:40:27 UTC (893541)1.32.3vulnerable
2019-04-23 19:20:27 UTC (793640)1.32.3vulnerable
2019-04-22 06:20:19 UTC (330b9f)1.32.3vulnerable
2019-04-21 17:40:24 UTC (454eea)1.32.3vulnerable
2019-04-21 16:40:14 UTC (83e778)1.32.3vulnerable
2019-04-21 10:05:20 UTC (73c885)1.32.3vulnerable
2019-04-20 19:45:16 UTC (b807bc)1.32.3vulnerable
2019-04-19 19:40:31 UTC (8ea36d)1.32.3vulnerable
2019-04-17 11:30:25 UTC (7b3696)1.32.3vulnerable
2019-04-16 15:30:40 UTC (ea4979)1.32.3vulnerable
2019-04-10 15:10:50 UTC (5c52b2)1.32.3vulnerable
2019-04-10 14:15:29 UTC (63f250)1.32.3vulnerable
2019-04-10 10:35:28 UTC (f52505)1.32.3vulnerable
2019-04-10 08:25:33 UTC (0363ab)1.32.3vulnerable
2019-04-08 01:00:36 UTC (67bc63)1.32.3vulnerable
2019-04-05 01:55:19 UTC (91fa69)1.32.3vulnerable
2019-04-04 23:20:18 UTC (e18a58)1.32.3vulnerable
2019-04-04 17:35:16 UTC (ef2899)1.32.3vulnerable
2019-03-31 05:55:25 UTC (3a4ffd)1.32.3vulnerable
2019-03-25 19:05:29 UTC (23fd13)1.32.3vulnerable
2019-03-24 15:55:20 UTC (ff9c3f)1.32.3vulnerable
2019-03-24 09:05:37 UTC (fe9abc)1.32.3vulnerable
2019-03-23 20:25:30 UTC (638216)1.32.3vulnerable
2019-03-22 23:55:24 UTC (f5e7da)1.32.3vulnerable
2019-03-21 04:35:34 UTC (91cb80)1.32.3vulnerable
2019-03-20 11:55:29 UTC (3574db)1.32.3vulnerable
2019-03-19 17:15:39 UTC (f00bd2)1.32.3vulnerable
2019-03-19 13:55:38 UTC (2a7c34)1.32.3vulnerable
2019-03-19 04:40:34 UTC (e0e29a)1.32.3vulnerable
2019-03-18 08:30:37 UTC (b2b2ff)1.32.3vulnerable
2019-03-18 07:25:46 UTC (6a3a05)1.32.3vulnerable
2019-03-17 11:45:18 UTC (9aab14)1.32.3vulnerable
2019-03-16 16:45:40 UTC (aa34ca)1.32.3vulnerable
2019-03-11 16:05:16 UTC (5f3be9)1.32.3vulnerable
2019-03-11 11:05:32 UTC (aea913)1.32.3vulnerable
2019-03-11 04:15:21 UTC (508764)1.32.3vulnerable
2019-03-10 20:35:28 UTC (72ad05)1.32.3vulnerable
2019-03-10 14:30:29 UTC (360522)1.32.3vulnerable
2019-03-10 03:10:39 UTC (52565a)1.32.3vulnerable
2019-03-10 02:25:21 UTC (4610d6)1.32.3vulnerable
2019-03-08 17:55:42 UTC (584748)1.32.3vulnerable
2019-03-07 03:15:40 UTC (58e31b)1.32.3vulnerable
2019-02-26 20:35:21 UTC (07e2b5)1.32.3vulnerable
nixos-unstable
2019-05-03 17:40:38 UTC (190727)1.32.3vulnerable
2019-04-30 23:35:46 UTC (aeb464)1.32.3vulnerable
2019-04-25 16:30:32 UTC (dfd8f8)1.32.3vulnerable
2019-04-24 12:55:41 UTC (0620e0)1.32.3vulnerable
2019-04-21 22:55:37 UTC (d26027)1.32.3vulnerable
2019-04-16 15:55:38 UTC (1fc591)1.32.3vulnerable
2019-04-07 21:55:33 UTC (acbdaa)1.32.3vulnerable
2019-04-05 11:20:44 UTC (d956f2)1.32.3vulnerable
2019-03-27 00:30:32 UTC (07b42c)1.32.3vulnerable
2019-03-21 05:55:30 UTC (373488)1.32.3vulnerable
2019-03-19 00:35:43 UTC (1222e2)1.32.3vulnerable
2019-03-18 22:50:18 UTC (4c6be1)1.32.3vulnerable
2019-03-16 16:20:42 UTC (da1a2b)1.32.3vulnerable
2019-03-10 06:15:14 UTC (5d3fd3)1.32.3vulnerable
2019-03-05 07:50:31 UTC (34aa25)1.32.3vulnerable
2019-03-02 21:10:38 UTC (26d8a8)1.32.3vulnerable
2019-03-02 17:40:36 UTC (81bf89)1.32.3vulnerable
2019-02-26 19:40:35 UTC (1233c8)1.32.3vulnerable
2019-02-26 18:30:36 UTC (bd0189)1.32.3vulnerable
2019-02-23 21:15:46 UTC (19eeda)1.32.3vulnerable
2019-02-23 13:25:25 UTC (969cff)1.32.3vulnerable
2019-02-22 17:55:42 UTC (2a81ec)1.32.3vulnerable
2019-02-20 15:35:16 UTC (fa82eb)1.32.3vulnerable
2019-02-20 10:40:25 UTC (b75eab)1.32.3vulnerable
2019-02-12 10:30:40 UTC (36f316)1.32.3vulnerable
2019-02-10 08:40:36 UTC (929cc7)1.32.3vulnerable
2019-02-10 03:35:25 UTC (64825d)1.32.3vulnerable
2019-02-10 03:10:30 UTC (baf6ba)1.32.3vulnerable
2019-02-08 21:25:31 UTC (ffc604)1.32.3vulnerable
2019-02-08 08:15:19 UTC (ce8c24)1.32.3vulnerable
2019-02-07 20:30:24 UTC (6a0d2f)1.32.3vulnerable
2019-02-05 03:30:20 UTC (2d6f84)1.32.3vulnerable
2019-02-05 00:05:24 UTC (3bd7a3)1.32.3vulnerable
2019-01-31 04:50:32 UTC (f2a1a4)1.32.3vulnerable
2019-01-21 11:25:27 UTC (bc4131)1.32.3vulnerable
2019-01-21 01:40:33 UTC (56507d)1.32.3vulnerable