0.001 Low
EPSS
Percentile
24.8%
Cross Site Scripting (XSS) vulnerability exists in qdPM 9.1 in the Heading field found in the Login Page page under the General menu via a crafted website name by doing an authenticated POST HTTP request to /qdPM_9.1/index.php/configuration.
github.com/joelister/Persistent-XSS-on-qdPM-9.1/issues/2