An issue was discovered in Quali CloudShell 9.3. An XSS vulnerability in the login page allows an attacker to craft a URL, with a constructor.constructor substring in the username field, that executes a payload when the user visits the /Account/Login page.
CPE | Name | Operator | Version |
---|---|---|---|
cloudshell | eq | 9.3 |