CVE-2018-19942

🗓️ 16 Apr 2021 01:10:14Reported by qnapType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 72 Views

A cross-site scripting (XSS) vulnerability in earlier versions of File Station allows remote attackers to inject malicious code. Fixed in QTS 4.5.2.1566, 4.5.1.1456, 4.3.6.1446, 4.3.4.1463, 4.3.3.1432, 4.2.6, QuTS hero h4.5.1.1472, QuTScloud c4.5.4.1601, and c4.5.3.1454 (and later

Reporter	Title	Published	Views	Family All 6
Cvelist	CVE-2018-19942 Cross-site Scripting Vulnerability in File Station	16 Apr 202101:10	–	cvelist
EUVD	EUVD-2018-11613	7 Oct 202500:30	–	euvd
NVD	CVE-2018-19942	16 Apr 202101:15	–	nvd
OpenVAS	QNAP QTS XSS Vulnerability (QSA-21-04)	19 Apr 202100:00	–	openvas
Prion	Cross site scripting	16 Apr 202101:15	–	prion
Tenable Nessus	Qnap QTS Cross-site Scripting (CVE-2018-19942)	16 Oct 202400:00	–	nessus

NVD

Node

qnap qtsRange<4.2.6

qnap qtsRange4.3.5–4.3.6

qnap qtsRange4.4.0–4.5.1

qnap qtsMatch4.2.6-

qnap qtsMatch4.2.6build_20170517

qnap qtsMatch4.2.6build_20190322

qnap qtsMatch4.2.6build_20190730

qnap qtsMatch4.2.6build_20190921

qnap qtsMatch4.2.6build_20191107

qnap qtsMatch4.2.6build_20200109

qnap qtsMatch4.2.6build_20200421

qnap qtsMatch4.2.6build_20200611

qnap qtsMatch4.2.6build_20200821

qnap qtsMatch4.3.3

qnap qtsMatch4.3.3.0095

qnap qtsMatch4.3.3.0096

qnap qtsMatch4.3.3.0136

qnap qtsMatch4.3.3.0154

qnap qtsMatch4.3.3.0174

qnap qtsMatch4.3.3.0188

qnap qtsMatch4.3.3.0210

qnap qtsMatch4.3.3.0229

qnap qtsMatch4.3.3.0238

qnap qtsMatch4.3.3.0262

qnap qtsMatch4.3.3.0299

qnap qtsMatch4.3.3.0351

qnap qtsMatch4.3.3.0353

qnap qtsMatch4.3.3.0361

qnap qtsMatch4.3.3.0369

qnap qtsMatch4.3.3.0378

qnap qtsMatch4.3.3.0396

qnap qtsMatch4.3.3.0404

qnap qtsMatch4.3.3.0416

qnap qtsMatch4.3.3.0418

qnap qtsMatch4.3.3.0448

qnap qtsMatch4.3.3.0514

qnap qtsMatch4.3.3.0546

qnap qtsMatch4.3.3.0570

qnap qtsMatch4.3.3.0868

qnap qtsMatch4.3.3.0998

qnap qtsMatch4.3.3.1051

qnap qtsMatch4.3.3.1098

qnap qtsMatch4.3.3.1161

qnap qtsMatch4.3.3.1252

qnap qtsMatch4.3.3.1315

qnap qtsMatch4.3.3.1386

qnap qtsMatch4.3.4

qnap qtsMatch4.3.4.0358

qnap qtsMatch4.3.4.0358beta1

qnap qtsMatch4.3.4.0370

qnap qtsMatch4.3.4.0370beta1

qnap qtsMatch4.3.4.0372

qnap qtsMatch4.3.4.0372beta1

qnap qtsMatch4.3.4.0374

qnap qtsMatch4.3.4.0374beta1

qnap qtsMatch4.3.4.0387

qnap qtsMatch4.3.4.0387beta2

qnap qtsMatch4.3.4.0411

qnap qtsMatch4.3.4.0416

qnap qtsMatch4.3.4.0427

qnap qtsMatch4.3.4.0434

qnap qtsMatch4.3.4.0435

qnap qtsMatch4.3.4.0451

qnap qtsMatch4.3.4.0483

qnap qtsMatch4.3.4.0486

qnap qtsMatch4.3.4.0506

qnap qtsMatch4.3.4.0516

qnap qtsMatch4.3.4.0526

qnap qtsMatch4.3.4.0551

qnap qtsMatch4.3.4.0557

qnap qtsMatch4.3.4.0561

qnap qtsMatch4.3.4.0569

qnap qtsMatch4.3.4.0593

qnap qtsMatch4.3.4.0597

qnap qtsMatch4.3.4.0604

qnap qtsMatch4.3.4.0899

qnap qtsMatch4.3.4.1029

qnap qtsMatch4.3.4.1082

qnap qtsMatch4.3.4.1190

qnap qtsMatch4.3.4.1282

qnap qtsMatch4.3.4.1368

qnap qtsMatch4.3.4.1417

qnap qtsMatch4.3.6-

qnap qtsMatch4.3.6.0895

qnap qtsMatch4.3.6.0907

qnap qtsMatch4.3.6.0923

qnap qtsMatch4.3.6.0944

qnap qtsMatch4.3.6.0959

qnap qtsMatch4.3.6.0979

qnap qtsMatch4.3.6.0993

qnap qtsMatch4.3.6.1013

qnap qtsMatch4.3.6.1033

qnap qtsMatch4.3.6.1070

qnap qtsMatch4.3.6.1154

qnap qtsMatch4.3.6.1218

qnap qtsMatch4.3.6.1263

qnap qtsMatch4.3.6.1286

qnap qtsMatch4.3.6.1333

qnap qtsMatch4.3.6.1411

qnap qtsMatch4.5.1-

qnap qtsMatch4.5.2-

qnap quts_heroRange<h4.5.1

qnap quts_heroMatchh4.5.1

qnap quts_heroMatchh4.5.1-

qnap qutscloudRange<c4.5.3

qnap qutscloudMatchc4.5.3-

qnap qutscloudMatchc4.5.4-

[
  {
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.5.2.1566 build 20210202",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.5.1.1456 build 20201015",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.3.6.1446 build 20200929",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.3.4.1463 build 20201006",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.3.3.1432 build 20201006",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.2.6 build 20210327",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h4.5.1.1472 build 20201031",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "QuTScloud",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "c4.5.4.1601 build 20210309",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "c4.5.3.1454 build 20201013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/zh-tw/security-advisory/qsa-21-04

21 Nov 2024 03:58Current

6Medium risk

Vulners AI Score6

CVSS 24.3

CVSS 3.16.1

EPSS0.00327