Zoneminder Log Injection / XSS / Cross Site Request Forgery

Zoneminder versions prior to 1.37.24 suffers from log injection, persistent cross site scripting, and cross site request forgery bypass vulnerabilities.

Leave a Reply