CVE-2025-1074 - "Webkul QloApps Cross-Site Request Forgery"
CVE ID : CVE-2025-1074 Published : Feb. 6, 2025, 2:15 p.m. | 29 minutes ago Description : A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure. They are aware about it and are working on resolving it. Severity: 4.3 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-1074
Published : Feb. 6, 2025, 2:15 p.m. | 29 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure. They are aware about it and are working on resolving it.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : Feb. 6, 2025, 2:15 p.m. | 29 minutes ago
Description : A vulnerability, which was classified as problematic, was found in Webkul QloApps 1.6.1. Affected is the function logout of the file /en/?mylogout of the component URL Handler. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure. They are aware about it and are working on resolving it.
Severity: 4.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
