CVE-2024-43359 Information

Description

ZoneMinder is a free open source closed-circuit television software application. ZoneMinder has a cross-site scripting vulnerability in the montagereview via the displayinterval speed and scale parameters. This vulnerability is fixed in 1.36.34 and 1.37.61.

Reference

https://github.com/ZoneMinder/zoneminder/security/advisories/GHSA-pjjm-3qxp-6hj8 https://github.com/ZoneMinder/zoneminder/commit/6cc64dddff6144a98680f65ecf8dc249028431af https://github.com/ZoneMinder/zoneminder/commit/b51c5df0cb869ca48fccfc6e6fd7c19bf717ecd2