A Cross-Site Scripting was discovered in ZoneMinder before 1.30.2.The vulnerability exists due to insufficient filtration of user-supplied data passed to the"ZoneMinder-master/web/skins/classic/views/js/post login.js.php" URL. An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.