A Cross-site scripting (XSS) vulnerability exists in the comment section in ZrLog 2.1.3, which allows remote attackers to inject arbitrary web script and stolen administrator cookies via the nickname parameter and gain access to the admin panel.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-06-15T17:15:24
Updated: 2024-08-04T14:22:25.621Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-21316
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-06-15T20:15:11.300
Modified: 2021-06-22T01:05:11.067
Link: CVE-2020-21316
Redhat
No data.