CVE-2021-41074

5.4MEDIUM

A CSRF issue in index.php in QloApps hotel eCommerce 1.5.1 allows an attacker to change the admin's email address via a crafted HTML document.

Published: 1/12/2026Updated: 1/13/2026
View on NVDView on MITRE

Description

A CSRF issue in index.php in QloApps hotel eCommerce 1.5.1 allows an attacker to change the admin's email address via a crafted HTML document.

AI AnalysisPowered by AI

References