An issue exists in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an malicious user to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
quali cloudshell 9.3 |