Zoneminder · Zoneminder · CVE-2019-13072
**Name of the Vulnerable Software and Affected Versions**
ZoneMinder version 1.32.3
**Description**
The issue allows a malicious user to embed and execute JavaScript code in the browser of any user who navigates to the Filters page, specifically by exploiting the Name field. This is a result of a stored XSS issue.
**Recommendations**
For ZoneMinder version 1.32.3, update to a version that fixes this issue to prevent malicious JavaScript code execution.