PT-2018-9037 · Qnap Systems · Qts

Davide Cioccia

Publicado

2018-11-27

Atualizado

2020-01-16

CVE-2018-0719

CVSS v3.1

5.5

Média

Vetor

AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions QNAP Systems Inc. QTS versions prior to 4.2.6 on build 20180711 QNAP Systems Inc. QTS versions prior to 4.3.3 on build 20180725 QNAP Systems Inc. QTS versions prior to 4.3.4 on build 20180710

Description A Cross-site Scripting (XSS) issue allows attackers to inject javascript, affecting QNAP Systems Inc. QTS.

Recommendations For QNAP Systems Inc. QTS versions prior to 4.2.6 on build 20180711, update to a version newer than 4.2.6. For QNAP Systems Inc. QTS versions prior to 4.3.3 on build 20180725, update to a version newer than 4.3.3. For QNAP Systems Inc. QTS versions prior to 4.3.4 on build 20180710, update to a version newer than 4.3.4.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2018-0719

Produtos afetados

Qts

PT-2018-9037 · Qnap Systems · Qts

CVE-2018-0719

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3