7 matches found
CVE-2025-11183
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
CVE-2025-11184
Cross-site scripting vulnerability in QGIS QWC2 Registration GUI =v2025.03.31 allows an authorized attacker to plant arbitrary JavaScript code in the page...
EUVD-2025-34062
QGIS QWC2 Cross-Site Scripting vulnerability...
GHSA-GXP8-M5RQ-3M38 QGIS QWC2 Cross-Site Scripting vulnerability
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
CVE-2025-11184
Cross-site scripting vulnerability in QGIS QWC2 Registration GUI =v2025.03.31 allows an authorized attacker to plant arbitrary JavaScript code in the page...
CVE-2025-11183
Cross-Site Scripting vulnerability in attribute table in QGIS QWC2 2025.08.14 allows an authorized attacker to plant arbitrary JavaScript code in the page...
QGIS QWC2 安全漏洞
QGIS QWC2 is a web front-end client framework from the QGIS organization. A security vulnerability exists in QGIS QWC2 versions prior to 2025.08.14, which stems from a cross-site scripting vulnerability in the attribute table that could lead to an authorized attacker planting arbitrary JavaScript...