PT-2023-9809 · Qnap · Qulog Center
Kaibro
·
Published
2023-09-08
·
Updated
2026-01-20
·
CVE-2023-23357
CVSS v2.0
5.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
QuLog Center versions prior to 1.3.1.645
QuLog Center versions prior to 1.4.1.691
QuLog Center versions prior to 1.5.0.738
Description
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained administrator access to bypass security mechanisms or read application data.
Recommendations
For QuLog Center versions prior to 1.3.1.645, update to QuLog Center 1.3.1.645 or later.
For QuLog Center versions prior to 1.4.1.691, update to QuLog Center 1.4.1.691 or later.
For QuLog Center versions prior to 1.5.0.738, update to QuLog Center 1.5.0.738 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qulog Center