VYPR
Medium severity6.1NVD Advisory· Published Jun 20, 2023· Updated Jun 17, 2026

CVE-2020-21052

CVE-2020-21052

Description

Cross Site Scripting vulnerability in zrlog zrlog v.2.1.3 allows a remote attacker to execute arbitrary code via the nickame parameter of the /post/addComment function.

Affected products

2
  • ZrLog/ZrLogcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: = 2.1.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.