File Upload
When uploaded files become scripts : CVE-2026-41467
Reading time: 3 minutes
Introduction
This post covers another stored XSS vulnerability in ProjeQtOr, this time through file upload.
«««< HEAD I already introduced ProjeQtOr and why this kind of application can contain sensitive business data in the first article of the series: From login to admin : CVE-2026-41462 .
I already introduced ProjeQtOr and why this kind of application can contain sensitive business data in the first article of the series: From login to admin : CVE-2026-41462 .