First published: Fri Mar 03 2017(Updated: )
Cross-site request forgery (CSRF) vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Zoneminder Zoneminder | <=1.30.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.