CVE-2020-21268 Information

Description

Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter.

Reference

https://github.com/easysoft/zentaopms/issues/40