Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Webkul QloApps URL mylogout cross-site request forgery
Vulnerability Description
A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure. They are aware about it and are working on resolving it.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
Vulnerability Type
跨站请求伪造(CSRF)
Vulnerability Title
Webkul QloApps 安全漏洞
Vulnerability Description
Webkul QloApps是Webkul公司的一个酒店预定管理软件。 Webkul QloApps 1.6.1版本存在安全漏洞,该漏洞源于组件URL Handler的文件/en/?mylogout的注销功能会导致跨站请求伪造攻击。
CVSS Information
N/A
Vulnerability Type
N/A