Skip to main content

Qualitor

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-14580 LOW POC Monitor

Reflected cross-site scripting (XSS) in Qualitor up to version 8.24.73 allows authenticated remote attackers to inject malicious scripts via the cdscript parameter in /Qualitor/html/bc/bcdocumento9/biblioteca/request/viewDocumento.php, exploitable only with user interaction (e.g., clicking a malicious link). While publicly available exploit code exists and the vendor has confirmed and patched the issue, the low CVSS score (2.0) and requirement for both authentication and user interaction significantly limit real-world risk.

PHP XSS Qualitor
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-14580
EPSS 0% CVSS 2.0
LOW POC Monitor

Reflected cross-site scripting (XSS) in Qualitor up to version 8.24.73 allows authenticated remote attackers to inject malicious scripts via the cdscript parameter in /Qualitor/html/bc/bcdocumento9/biblioteca/request/viewDocumento.php, exploitable only with user interaction (e.g., clicking a malicious link). While publicly available exploit code exists and the vendor has confirmed and patched the issue, the low CVSS score (2.0) and requirement for both authentication and user interaction significantly limit real-world risk.

PHP XSS Qualitor
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy