CVE-2020-24912

A reflected cross-site scripting (XSS) vulnerability in qcubed (all versions including 3.1.1) in profile.php via the stQuery-parameter allows unauthenticated attackers to steal sessions of authenticated users.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:qcubed:qcubed:*:*:*:*:*:*:*:*

Information

Published : 2021-03-04 05:15

Updated : 2021-03-22 09:06


NVD link : CVE-2020-24912

Mitre link : CVE-2020-24912


JSON object : View

CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Advertisement

dedicated server usa

Products Affected

qcubed

  • qcubed