A Host Header Injection vulnerability in qdPM 9.1 may allow an malicious user to spoof a particular header and redirect users to malicious websites.
qdpm qdpm 9.1