Tricentis qTest before 10.4 allows stored XSS by an authenticated attacker.Referenceshttps://github.com/Accenture/AARO-Bugs/blob/master/AARO-CVE-List.mdhttps://support-hub.tricentis.com/open?id=manual&lang=en&path=%2Fqtest%2F10400%2Fen%2Fcontent%2Fqtest_manager%2Frelease_notes%2Fonpremise_release_notes%2Fmanager_10.4.0_onpremise_release_notes.htm&product=qtest&sessionRotationTrigger=true&type=product_manual&version=10.4.2%20On%20Premise
