{"id":"CVE-2022-30769","details":"Session fixation exists in ZoneMinder through 1.36.12 as an attacker can poison a session cookie to the next logged-in user.","modified":"2026-04-10T04:47:44.461290Z","published":"2022-11-15T22:15:11.693Z","references":[{"type":"WEB","url":"https://medium.com/%40dk50u1/session-fixation-in-zoneminder-up-to-v1-36-12-3c850b1fbbf3"},{"type":"ADVISORY","url":"https://github.com/ZoneMinder/zoneminder/releases"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/zoneminder/zoneminder","events":[{"introduced":"0"},{"last_affected":"3a8c740a691d74ed6e697bc890755bb469f3c19f"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.36.12"}]}}],"versions":["1.32.3","1.34.0","1.36.0","1.36.1","1.36.12","1.36.2","1.36.3","1.36.4","1.36.6","1.36.7","1.36.8","1.36.9","v1.25","v1.26.0","v1.26.1","v1.26.2","v1.26.3"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-30769.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N"}]}