Unrated severityNVD Advisory· Published Aug 26, 2021· Updated Aug 4, 2024
CVE-2020-18468
CVE-2020-18468
Description
Cross Site Scripting (XSS) vulnerability exists in qdPM 9.1 in the Heading field found in the Login Page page under the General menu via a crafted website name by doing an authenticated POST HTTP request to /qdPM_9.1/index.php/configuration.
Affected products
2- qdPM/qdPMdescription
Patches
Vulnerability mechanics
References
1- github.com/joelister/Persistent-XSS-on-qdPM-9.1/issues/2mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.