CVE-2019-7325

Name of the Vulnerable Software and Affected Versions ZoneMinder versions prior to 1.32.4

Description A Reflected Cross Site Scripting (XSS) issue exists due to insecure utilization of the $ REQUEST['PHP SELF'] variable in multiple views under web/skins/classic/views, without proper filtration.

Recommendations For ZoneMinder versions prior to 1.32.4, update to version 1.32.4 or later to resolve the issue.