Vulnerability Details : CVE-2019-7331
Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 while editing an existing monitor field named "signal check color" (monitor.php). There exists no input validation or output filtration, leaving it vulnerable to HTML Injection and an XSS attack.
Vulnerability category: Cross site scripting (XSS)
Exploit prediction scoring system (EPSS) score for CVE-2019-7331
0.08%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 33 %
Percentile, the proportion of vulnerabilities that are scored at or less