CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-21052

Cross Site Scripting vulnerability in zrlog zrlog v.2.1.3 allows a remote attacker to execute arbitrary code via the nickame parameter of the /post/addComment function.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 39.0%

CVSS Severity

CVSS v3 Score 6.1

References

https://github.com/94fzb/zrlog/issues/56
https://github.com/94fzb/zrlog/issues/56

Products affected by CVE-2020-21052

Zrlog » Zrlog » Version: 2.1.3

cpe:2.3:a:zrlog:zrlog:2.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-21052

Products

Pricing

Contact Us