An issue exists in ZRLOG 2.0.1. There is a Stored XSS vulnerability in the nickname field of the comment area.
zrlog zrlog 2.0.1