A Cross-site scripting (XSS) vulnerability exists in the comment section in ZrLog 2.1.3, which allows remote malicious users to inject arbitrary web script and stolen administrator cookies via the nickname parameter and gain access to the admin panel.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zrlog zrlog 2.1.3 |