{
  "id": "CVE-2020-25730",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-04-04T08:15:06.283",
  "lastModified": "2024-04-04T12:48:41.700",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross Site Scripting (XSS) vulnerability in ZoneMinder before version 1.34.21, allows remote attackers execute arbitrary code, escalate privileges, and obtain sensitive information via PHP_SELF component in classic/views/download.php."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad de Cross Site Scripting (XSS) en ZoneMinder anterior a la versi\u00f3n 1.34.21, permite a atacantes remotos ejecutar c\u00f3digo arbitrario, escalar privilegios y obtener informaci\u00f3n confidencial a trav\u00e9s del componente PHP_SELF en classic/views/download.php."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://github.com/ZoneMinder/zoneminder/commit/9268db14a79c4ccd444c2bf8d24e62b13207b413",
      "source": "cve@mitre.org"
    }
  ]
}