Exploit for Quorum onQ OS 6.0.0.5.2064 Cross Site Scripting Vulnerability CVE-2024-44449

## https://sploitus.com/exploit?id=1337DAY-ID-39886
[Vendor]
https://quorum.com/about/

[Product]
Quorum onQ OS - 6.0.0.5.2064

Vulnerability Type]
Reflected Cross Site Scripting (XSS)

[Affected Component]
Login page get parameter 'msg' is vulnerable to Reflected Cross site
scripting

[CVE Reference]
CVE-2024-44449

[Security Issue]
Cross Site Scripting vulnerability in Quorum onQ OS v.6.0.0.5.2064 allows a
remote attacker to obtain sensitive information via the msg parameter in
the Login page.

[Attack Vectors]
After obtaining the API key, an attacker can use tools such as curl,
Postman, or custom scripts to craft unauthorized requests to the target API.