CVE-2018-17420

Published March 7th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

6.5

MEDIUM

Affected

1

PROJECT

Description

An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter.

ZrLog 是一款基于 Java 的开源博客系统。它提供文章、分类、标签、评论、主题、插件、静态化和在线升级等功能，内置 Markdown 编辑器，管理界面基于 React 和 Ant Design 构建。

GitHub

399