Zinc

**Name of the Vulnerable Software and Affected Versions** Obl.ong versions prior to 1.1.2 **Description** The admin panel for Obl.ong allows authorization bypass because the email OTP feature accepts arbitrary numerical values. **Recommendations** For versions prior to 1.1.2, update to version 1.1.2 or later to resolve the issue. As a temporary workaround, consider disabling the email OTP feature in the admin panel until a patch is available. Restrict access to the admin panel to minimize the risk of exploitation.