Vulnerability in Opensolution Quickcms
CVE-2025-54542
QuickCMS sends password and login via GET Request. This allows a local attacker with access to the victim's browser history to obtain the necessary credentials to log in as the user. The vendor was notified early about this vulnerability…
EPSS: 0.000 (8.1th percentile) — read the EPSS interpretation.
Affected products
- Opensolution Quickcms — versions 6.8
Weakness classification (CWE)
References
- cert.pl/posts/2025/08/CVE-2025-54540 (third-party-advisory)
- opensolution.org (product)