PT-2023-9810 · Qnap · Qulog Center

Kaibro

Publicado

2023-09-08

Atualizado

2026-01-20

CVE-2023-23354

CVSS v3.1

8.7

Alta

Vetor

AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions QuLog Center versions prior to 1.3.1.645 QuLog Center versions prior to 1.4.1.691 QuLog Center versions prior to 1.5.0.738

Description A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data.

Recommendations For QuLog Center versions prior to 1.3.1.645, update to version 1.3.1.645 or later. For QuLog Center versions prior to 1.4.1.691, update to version 1.4.1.691 or later. For QuLog Center versions prior to 1.5.0.738, update to version 1.5.0.738 or later.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

BDU:2024-11469

CVE-2023-23354

Produtos afetados

Qulog Center

PT-2023-9810 · Qnap · Qulog Center

CVE-2023-23354

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 14