Share:

CVE-2020-20285 - Zzcms Zzcms

December 19, 2020

Moderate 5.4

There is a XSS in the user login page in zzcms 2019. Users can inject js code by the referer header via user/login.php

Affected software

Zzcms Zzcms

Reference links

https://github.com/iohex/ZZCMS/blob/master/zzcms2019_login_xss.md

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.