跳转到帖子

Debian: CVE-2023-25825: zoneminder -- security update

recommended_posts

发布于
  • Members

Debian: CVE-2023-25825: zoneminder -- security update

Severity
6
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:N)
Published
02/25/2023
Created
07/31/2024
Added
07/30/2024
Modified
01/28/2025

Description

ZoneMinder is a free, open source Closed-circuit television software application for Linux which supports IP, USB and Analog cameras. Versions prior to 1.36.33 are vulnerable to Cross-site Scripting. Log entries can be injected into the database logs, containing a malicious referrer field.This is unescaped when viewing the logs in the web ui. This issue is patched in version 1.36.33.

Solution(s)

  • debian-upgrade-zoneminder

References

  • https://attackerkb.com/topics/cve-2023-25825
  • CVE - 2023-25825
  • 查看数 695
  • 已创建
  • 最后回复

参与讨论

你可立刻发布并稍后注册。 如果你有帐户,立刻登录发布帖子。

游客
回帖…