Security Advisory
CVE-2020-21316
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
A Cross-site scripting (XSS) vulnerability exists in the comment section in ZrLog 2.1.3, which allows remote attackers to inject arbitrary web script and stolen administrator cookies via the nickname parameter and gain access to the admin panel.