Thanks for the report on this. It is being added to the next revision that is due by the end of today or early tomorrow.
If anyone is curious as to what exactly SSDP is, I can affirm that this is a mostly unused port and is only, in some commercial software, used for network discovery on dedicated servers. As such, SSDP can be used in regards to reflection DDoS attacks. These attacks will sometimes not be in the form of packets sent; rather replies made from within the server... essentially, it allows an attacker to get replies out on port number 1900 to a destination ip of their choosing.
There are numerous ways around these attacks, of which is:
iptables -I INPUT 1 -p udp -m udp --dport 1900 -j DROP
The above can be added to existing installs on dedicated servers. This is a quick fix to drop the port all together. If you are using software on top of the QuickBox script that requires this port to be open... I would drop that too.
Either the end of today - or tomorrow there is going to be a release in the script that addresses this issue. It will be implementing CSF or Config Server Firewall to afford a much more robust and easier to adapt/adjust solution for QuickBox. Users with QuickBox already installed will have a separate patch that addresses this and installs CSF for you with minimal input required.
If you would like additional reading on the matter of SSDP, check out this Wiki entry.