2 matches found
CVE-2021-42082
Local users are able to execute scripts under root privileges. POC On the local host run the following command: curl 'localhost:8154/qstor/qsupgrade.py?taskId=1&a=;whoami'...
CVE-2021-42080
An attacker is able to launch a Reflected XSS attack using a crafted URL. POC: Visit the following URL https://:8153/qstorapi/echo?inputMessage=...