CVE-2020-11814
A Host Header Injection vulnerability in qdPM 9.1 may allow an attacker to spoof a particular header and redirect users to malicious websites.
Date published : 2020-04-16
https://fatihhcelik.blogspot.com/2020/01/qdpm-web-based-project-management_11.html