CVE-2016-10206

Name of the Vulnerable Software and Affected Versions Zoneminder versions 1.30 and earlier ALT Linux (affected versions not specified)

Description A cross-site request forgery (CSRF) issue allows remote attackers to hijack user authentication for requests, potentially changing passwords and having other unspecified impacts. This can be demonstrated by a crafted user action request to "index.php".

Recommendations For Zoneminder versions 1.30 and earlier, update to a version that addresses the CSRF vulnerability. For ALT Linux, at the moment, there is no information about a newer version that contains a fix for this vulnerability.