PT-2023-9809 · Qnap · Qulog Center

Kaibro

Publicado

2023-09-08

Atualizado

2026-01-20

CVE-2023-23357

CVSS v2.0

5.5

Média

Vetor

AV:N/AC:L/Au:S/C:P/I:P/A:N

Name of the Vulnerable Software and Affected Versions QuLog Center versions prior to 1.3.1.645 QuLog Center versions prior to 1.4.1.691 QuLog Center versions prior to 1.5.0.738

Description A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read application data.

Recommendations For QuLog Center versions prior to 1.3.1.645, update to QuLog Center 1.3.1.645 or later. For QuLog Center versions prior to 1.4.1.691, update to QuLog Center 1.4.1.691 or later. For QuLog Center versions prior to 1.5.0.738, update to QuLog Center 1.5.0.738 or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

BDU:2024-11468

CVE-2023-23357

Produtos afetados

Qulog Center

PT-2023-9809 · Qnap · Qulog Center

CVE-2023-23357

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 12