Xueliang Sun

**Name of the Vulnerable Software and Affected Versions** Kazoo Server versions prior to 4.11.22 **Description** An improper authentication issue has been reported to affect QNAP NAS running Kazoo Server, allowing attackers to compromise the system's security if exploited. **Recommendations** For Kazoo Server versions prior to 4.11.22, update to version 4.11.22 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** Kazoo Server versions prior to 4.11.20 **Description** A cross-site scripting (XSS) vulnerability has been reported to affect QNAP devices running Kazoo Server, allowing remote attackers to inject malicious code. **Recommendations** For Kazoo Server versions prior to 4.11.20, update to version 4.11.20 or later to resolve the issue.