CVE-2024-44449
MEDIUMQuorum onQ OS 6.0.0.5.2064 - Cross-Site Scripting via Login Page msg Parameter
Title source: llmDescription
Cross Site Scripting vulnerability in Quorum onQ OS v.6.0.0.5.2064 allows a remote attacker to obtain sensitive information via the msg parameter in the Login page.
References (3)
Core 3
Core References
Various Sources
https://quorum.com/about/
Mailing List
https://seclists.org/fulldisclosure/2025/Jan/23
Mailing List
http://seclists.org/fulldisclosure/2025/Jan/23
Scores
CVSS v3
6.1
EPSS
0.0050
EPSS Percentile
39.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-79
Status
published
Published
Feb 03, 2025
Tracked Since
Feb 18, 2026