Lucene search
+L

CVE-2018-19942

🗓️ 16 Apr 2021 01:10:14Reported by qnapType 
cve
 cve
🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 82 Views

A cross-site scripting (XSS) vulnerability in earlier versions of File Station allows remote attackers to inject malicious code. Fixed in QTS 4.5.2.1566, 4.5.1.1456, 4.3.6.1446, 4.3.4.1463, 4.3.3.1432, 4.2.6, QuTS hero h4.5.1.1472, QuTScloud c4.5.4.1601, and c4.5.3.1454 (and later

Related
Detection
Affected
Refs
Social
ReporterTitlePublishedViews
Family
Cvelist
CVE-2018-19942 Cross-site Scripting Vulnerability in File Station
16 Apr 202101:10
cvelist
EUVD
EUVD-2018-11613
7 Oct 202500:30
euvd
NVD
CVE-2018-19942
16 Apr 202101:15
nvd
OpenVAS
QNAP QTS XSS Vulnerability (QSA-21-04)
19 Apr 202100:00
openvas
OSV
CVE-2018-19942
16 Apr 202101:15
osv
Prion
Cross site scripting
16 Apr 202101:15
prion
Tenable Nessus
Qnap QTS Cross-site Scripting (CVE-2018-19942)
16 Oct 202400:00
nessus
NVD
Node
OR
qnapqtsRange<4.2.6
qnapqtsRange4.3.54.3.6
qnapqtsRange4.4.04.5.1
qnapqtsMatch4.2.6-
qnapqtsMatch4.2.6build_20170517
qnapqtsMatch4.2.6build_20190322
qnapqtsMatch4.2.6build_20190730
qnapqtsMatch4.2.6build_20190921
qnapqtsMatch4.2.6build_20191107
qnapqtsMatch4.2.6build_20200109
qnapqtsMatch4.2.6build_20200421
qnapqtsMatch4.2.6build_20200611
qnapqtsMatch4.2.6build_20200821
qnapqtsMatch4.3.3
qnapqtsMatch4.3.3.0095
qnapqtsMatch4.3.3.0096
qnapqtsMatch4.3.3.0136
qnapqtsMatch4.3.3.0154
qnapqtsMatch4.3.3.0174
qnapqtsMatch4.3.3.0188
qnapqtsMatch4.3.3.0210
qnapqtsMatch4.3.3.0229
qnapqtsMatch4.3.3.0238
qnapqtsMatch4.3.3.0262
qnapqtsMatch4.3.3.0299
qnapqtsMatch4.3.3.0351
qnapqtsMatch4.3.3.0353
qnapqtsMatch4.3.3.0361
qnapqtsMatch4.3.3.0369
qnapqtsMatch4.3.3.0378
qnapqtsMatch4.3.3.0396
qnapqtsMatch4.3.3.0404
qnapqtsMatch4.3.3.0416
qnapqtsMatch4.3.3.0418
qnapqtsMatch4.3.3.0448
qnapqtsMatch4.3.3.0514
qnapqtsMatch4.3.3.0546
qnapqtsMatch4.3.3.0570
qnapqtsMatch4.3.3.0868
qnapqtsMatch4.3.3.0998
qnapqtsMatch4.3.3.1051
qnapqtsMatch4.3.3.1098
qnapqtsMatch4.3.3.1161
qnapqtsMatch4.3.3.1252
qnapqtsMatch4.3.3.1315
qnapqtsMatch4.3.3.1386
qnapqtsMatch4.3.4
qnapqtsMatch4.3.4.0358
qnapqtsMatch4.3.4.0358beta1
qnapqtsMatch4.3.4.0370
qnapqtsMatch4.3.4.0370beta1
qnapqtsMatch4.3.4.0372
qnapqtsMatch4.3.4.0372beta1
qnapqtsMatch4.3.4.0374
qnapqtsMatch4.3.4.0374beta1
qnapqtsMatch4.3.4.0387
qnapqtsMatch4.3.4.0387beta2
qnapqtsMatch4.3.4.0411
qnapqtsMatch4.3.4.0416
qnapqtsMatch4.3.4.0427
qnapqtsMatch4.3.4.0434
qnapqtsMatch4.3.4.0435
qnapqtsMatch4.3.4.0451
qnapqtsMatch4.3.4.0483
qnapqtsMatch4.3.4.0486
qnapqtsMatch4.3.4.0506
qnapqtsMatch4.3.4.0516
qnapqtsMatch4.3.4.0526
qnapqtsMatch4.3.4.0551
qnapqtsMatch4.3.4.0557
qnapqtsMatch4.3.4.0561
qnapqtsMatch4.3.4.0569
qnapqtsMatch4.3.4.0593
qnapqtsMatch4.3.4.0597
qnapqtsMatch4.3.4.0604
qnapqtsMatch4.3.4.0899
qnapqtsMatch4.3.4.1029
qnapqtsMatch4.3.4.1082
qnapqtsMatch4.3.4.1190
qnapqtsMatch4.3.4.1282
qnapqtsMatch4.3.4.1368
qnapqtsMatch4.3.4.1417
qnapqtsMatch4.3.6-
qnapqtsMatch4.3.6.0895
qnapqtsMatch4.3.6.0907
qnapqtsMatch4.3.6.0923
qnapqtsMatch4.3.6.0944
qnapqtsMatch4.3.6.0959
qnapqtsMatch4.3.6.0979
qnapqtsMatch4.3.6.0993
qnapqtsMatch4.3.6.1013
qnapqtsMatch4.3.6.1033
qnapqtsMatch4.3.6.1070
qnapqtsMatch4.3.6.1154
qnapqtsMatch4.3.6.1218
qnapqtsMatch4.3.6.1263
qnapqtsMatch4.3.6.1286
qnapqtsMatch4.3.6.1333
qnapqtsMatch4.3.6.1411
qnapqtsMatch4.5.1-
qnapqtsMatch4.5.2-
qnapquts_heroRange<h4.5.1
qnapquts_heroMatchh4.5.1
qnapquts_heroMatchh4.5.1-
qnapqutscloudRange<c4.5.3
qnapqutscloudMatchc4.5.3-
qnapqutscloudMatchc4.5.4-
[
  {
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.5.2.1566 build 20210202",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.5.1.1456 build 20201015",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.3.6.1446 build 20200929",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.3.4.1463 build 20201006",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.3.3.1432 build 20201006",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.2.6 build 20210327",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h4.5.1.1472 build 20201031",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "QuTScloud",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "c4.5.4.1601 build 20210309",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "c4.5.3.1454 build 20201013",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

17 Jun 2026 01:50Current
6Medium risk
Vulners AI Score6
CVSS 24.3
CVSS 3.16.1
EPSS0.00746
82