Security Advisory

CVE-2022-30768

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-11-15 00:00:00

Last updated 2025-04-30 16:11:14

Assigner mitre

State PUBLISHED

Description

A Stored Cross Site Scripting (XSS) issue in ZoneMinder 1.36.12 allows an attacker to execute HTML or JavaScript code via the Username field when an Admin (or non-Admin users that can see other users logged into the platform) clicks on Logout. NOTE: this exists in later versions than CVE-2019-7348 and requires a different attack method.

← Browse all CVEs View on cve.org ↗