Webkul: >> Qloapps Security Vulnerabilities
An unauthenticated Cross-Site Scripting (XSS) vulnerability found in Webkul QloApps 1.6.0 allows an attacker to obtain a user's session cookie and then impersonate that user via POST email_create and back parameter.
CVSS Score
6.1
EPSS Score
0.237
Published
2023-06-23
Cross Site Scripting vulnerability found in Webkil QloApps v.1.5.2 allows a remote attacker to obtain sensitive information via the back and email_create parameters in the AuthController.php file.
CVSS Score
6.1
EPSS Score
0.778
Published
2023-05-11
Page 2