Arbitrary Code Execution Vulnerability in Qt QPluginLoader
CVE-2020-24742 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
An issue has been fixed in Qt versions 5.14.0 where QPluginLoader attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.
Learn more about our Web Application Penetration Testing UK.