PT-2023-9810 · Qnap · Qulog Center
Kaibro
·
Published
2023-09-08
·
Updated
2026-01-20
·
CVE-2023-23354
CVSS v3.1
8.7
High
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
QuLog Center versions prior to 1.3.1.645
QuLog Center versions prior to 1.4.1.691
QuLog Center versions prior to 1.5.0.738
Description
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data.
Recommendations
For QuLog Center versions prior to 1.3.1.645, update to version 1.3.1.645 or later.
For QuLog Center versions prior to 1.4.1.691, update to version 1.4.1.691 or later.
For QuLog Center versions prior to 1.5.0.738, update to version 1.5.0.738 or later.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Qulog Center