CVE-2021-27558

2021-08-3103:15:06

Google

osv.dev

6.3 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

47.8%

JSON

A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator.

References

privasec.com/blog/zentao-cms-a-monkeys-journey-to-priv-esc-remote-code-execution/