CVE-2008-3881

Multiple cross-site scripting (XSS) vulnerabilities in ZoneMinder 1.23.3 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified "zm_html_view_*.php" files.

Published: Sep 2, 2008
Updated: Apr 13, 2023
CVE: CVE-2008-3881
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:N/I:P/A:N

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
zoneminder / zoneminder	1.21.1	1.21.1.x
zoneminder / zoneminder	1.23.1	1.23.1.x
zoneminder / zoneminder	1.23.0	1.23.0.x
zoneminder / zoneminder	1.19.1	1.19.1.x
zoneminder / zoneminder	1.19.4	1.19.4.x
zoneminder / zoneminder	0.9.11	0.9.11.x
zoneminder / zoneminder	1.21.3	1.21.3.x
zoneminder / zoneminder	1.21.2	1.21.2.x
zoneminder / zoneminder	-	1.23.3.x
zoneminder / zoneminder	0.9.8	0.9.8.x
zoneminder / zoneminder	0.9.10	0.9.10.x
zoneminder / zoneminder	1.18.1	1.18.1.x
zoneminder / zoneminder	1.21.0	1.21.0.x
zoneminder / zoneminder	0.9.9	0.9.9.x
zoneminder / zoneminder	0.9.14	0.9.14.x
zoneminder / zoneminder	1.22.2	1.22.2.x
zoneminder / zoneminder	1.19.3	1.19.3.x
zoneminder / zoneminder	0.0.1	0.0.1.x
zoneminder / zoneminder	1.20.1	1.20.1.x
zoneminder / zoneminder	1.17.1	1.17.1.x
zoneminder / zoneminder	1.22.0	1.22.0.x
zoneminder / zoneminder	1.22.3	1.22.3.x
zoneminder / zoneminder	0.9.16	0.9.16.x
zoneminder / zoneminder	0.9.13	0.9.13.x
zoneminder / zoneminder	1.19.5	1.19.5.x
zoneminder / zoneminder	1.18.0	1.18.0.x
zoneminder / zoneminder	1.23.2	1.23.2.x
zoneminder / zoneminder	1.17.2	1.17.2.x
zoneminder / zoneminder	1.21.4	1.21.4.x
zoneminder / zoneminder	0.9.12	0.9.12.x
zoneminder / zoneminder	1.22.1	1.22.1.x
zoneminder / zoneminder	1.19.0	1.19.0.x
zoneminder / zoneminder	0.9.7	0.9.7.x
zoneminder / zoneminder	1.17.0	1.17.0.x
zoneminder / zoneminder	1.20.0	1.20.0.x
zoneminder / zoneminder	1.19.2	1.19.2.x
zoneminder / zoneminder	0.9.15	0.9.15.x

Vulnerability Database

CVE-2008-3881

Deep Security Visibility Without the Complexity