VYPR
Unrated severityNVD Advisory· Published Feb 18, 2025· Updated Feb 19, 2025

CVE-2025-26058

CVE-2025-26058

Description

Webkul QloApps v1.6.1 exposes authentication tokens in URLs during redirection. When users access the admin panel or other protected areas, the application appends sensitive authentication tokens directly to the URL.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Webkul/Qloappscpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: <=1.6.1

Patches

Vulnerability mechanics

News mentions

0

No linked articles in our index yet.