PT-2018-11777 · Terramaster · Terramaster Tos
Publicado
2018-11-27
·
Atualizado
2018-12-19
·
CVE-2018-13357
CVSS v3.1
5.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
TerraMaster TOS version 3.1.03
Description
The issue allows attackers to execute JavaScript when viewing Shared Folders via JavaScript in Shared Folders' names, due to cross-site scripting in the Control Panel.
Recommendations
For TerraMaster TOS version 3.1.03, update to a version that fixes the cross-site scripting issue in the Control Panel to prevent attackers from executing JavaScript when viewing Shared Folders.
Exploit
Correção
XSS
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Terramaster Tos