CVE-2020-24902
Quixplorer affects versions up to 2.4.1 and is vulnerable to a reflected XSS due to improper input validation. An attacker can craft a URL that executes arbitrary JavaScript in the victim’s browser within the site’s context, potentially stealing cookie-based credentials. The connected Nuclei temp...