Sign in Subscribe

← All advisories

Unrated severityOSV Advisory· Published Jan 12, 2026· Updated Jan 12, 2026

CVE-2021-41074

CVE-2021-41074

Description

A CSRF issue in index.php in QloApps hotel eCommerce 1.5.1 allows an attacker to change the admin's email address via a crafted HTML document.

Affected products

1

Webkul/HotelcommerceOSV
Range: v0.3, v1.3.0, v1.3.1, …

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

qloapps.commitre

News mentions

0

No linked articles in our index yet.