Vulnerability CVE-2023-30256


Published: 2023-05-11

Description:
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.

See advisories in our WLB2 database:
Topic
Author
Date
Low
Webkul Qloapps 1.5.2 Cross Site Scripting
Astik Rawat
28.05.2023

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://qloapps.com/
https://github.com/webkul/hotelcommerce
https://github.com/ahrixia/CVE-2023-30256

Copyright 2024, cxsecurity.com

 

Back to Top