2 matches found
CVE-2025-11184 Cross-Site Scripting Vulnerability in QWC2 Registration GUI
Cross-site scripting vulnerability in QGIS QWC2 Registration GUI =v2025.03.31 allows an authorized attacker to plant arbitrary JavaScript code in the page...
CVE-2025-11184
CVE-2025-11184 affects QGIS QWC2 Registration GUI up to version 2025.03.31. It enables an authorized attacker to inject arbitrary JavaScript (XSS) into the page, with potential impact to Confidentiality (High) and Integrity (Low) per CVSS. Remediation: upgrade to a version later than 2025.03.31 (...