Milan Solanki

**Name of the Vulnerable Software and Affected Versions** QuFTP Service versions prior to 1.4.3 QuFTP Service versions prior to 1.5.2 QuFTP Service versions prior to 1.6.2 **Description** A cross-site scripting (XSS) issue exists in QuFTP Service. A remote attacker who obtains an administrator account can exploit this issue to circumvent security measures or access application data. **Recommendations** Update QuFTP Service to version 1.4.3 or later. Update QuFTP Service to version 1.5.2 or later. Update QuFTP Service to version 1.6.2 or later.

**Name of the Vulnerable Software and Affected Versions** QNAP License Center versions prior to 1.8.51 QNAP License Center versions prior to 1.9.51 **Description** A cross-site scripting (XSS) vulnerability affects QNAP operating system versions. A remote attacker gaining an administrator account can exploit this issue to bypass security mechanisms or read application data. **Recommendations** Update QNAP License Center to version 1.8.51 or later. Update QNAP License Center to version 1.9.51 or later.