[+] Credits: Shahnawaz Shaikh, Security Researcher at Cybergate Defense LLC
[+] twitter.com/_striv3r_

[Vendor]
https://quorum.com/about/

[Product]
Quorum onQ OS - 6.0.0.5.2064

[Vulnerability Type]
Reflected Cross Site Scripting (XSS)

[Affected Component]
The login page GET parameter 'msg' is vulnerable to reflected cross-site scripting.

[CVE Reference]
CVE-2024-44449

[Security Issue]
A cross-site scripting vulnerability in Quorum onQ OS v.6.0.0.5.2064 allows a remote attacker to obtain sensitive information via the msg parameter in the login page.

[Attack Vectors]
After obtaining the API key, an attacker can use tools such as curl, Postman, or custom scripts to craft unauthorized requests to the target API.

[Network Access]
Remote

[Severity]
Medium

[Disclosure Timeline]
Vendor Notification: July 20, 2024
Vendor released fix: September 13, 2024
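The reflected-XSS pattern named in the advisory (a login page that echoes its 'msg' query parameter into the HTML) is illustrated below as an added example. This is hypothetical code written for this page, not Quorum's onQ OS code; the template, URL, function names and message codes are all assumptions. It shows the unsafe reflection, the output-encoded fix, an allow-list fix that never reflects user input at all, and a small check a defender can run against a captured response.

```python
import html
from urllib.parse import parse_qs, urlparse

# Hypothetical login page template (assumption, not the vendor's markup).
TEMPLATE = "<html><body><form method='post'><p class='msg'>{msg}</p></form></body></html>"

def _msg_param(url: str) -> str:
    """Extract the 'msg' query parameter (URL-decoded) or '' if absent."""
    return parse_qs(urlparse(url).query).get("msg", [""])[0]

def render_login_vulnerable(url: str) -> str:
    """Unsafe: the raw parameter is placed into the page, so any markup in it
    is interpreted by the browser (the reflected-XSS pattern in the advisory)."""
    return TEMPLATE.format(msg=_msg_param(url))

def render_login_encoded(url: str) -> str:
    """Fix 1: HTML-encode the value for the element-content context, so
    '<', '>', '&' and quotes arrive as text rather than markup."""
    return TEMPLATE.format(msg=html.escape(_msg_param(url), quote=True))

# Fix 2: login messages are a small fixed set, so reflect a server-side
# message keyed by a code instead of the client-supplied string.
# (Constructed message table; codes are assumptions.)
MESSAGES = {
    "bad_credentials": "Invalid user name or password.",
    "session_expired": "Your session has expired. Please sign in again.",
}
GENERIC = "Please sign in."

def render_login_allowlist(url: str) -> str:
    """Unknown or malformed codes fall back to a generic text; the request
    value itself never reaches the response."""
    return TEMPLATE.format(msg=MESSAGES.get(_msg_param(url), GENERIC))

def reflects_unencoded(response_body: str, probe: str) -> bool:
    """Defender-side check: True if a harmless markup probe sent in 'msg'
    comes back byte-for-byte unencoded in the response body."""
    return probe in response_body

# Constructed sample request: 'msg' carries harmless bold markup, URL-encoded.
SAMPLE_URL = "https://onq.example.invalid/login?msg=%3Cb%3Einjected%3C%2Fb%3E"
PROBE = "<b>injected</b>"
```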