CVE-2020-21052 in ZrLoginfo

Summary

by MITRE • 06/20/2023

A Cross-site scripting (XSS) vulnerability exists in the comment section in ZrLog 2.1.3, which allows remote attackers to inject arbitrary web script and stolen administrator cookies via the nickname parameter and gain access to the admin panel.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservation

08/13/2020

Disclosure

06/20/2023

Moderation

accepted

CPE

ready

EPSS

0.01121

KEV

no

Activities

very low

Sources

Do you need the next level of professionalism?

Upgrade your account now!