CVE-2018-19943

🗓️ 28 Oct 2020 17:55:18Reported by qnapType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 989 Views

CVE-2018-19943 XSS vulnerability in QNAP NAS fixed in QTS versions

Reporter	Title	Published	Views	Family All 15
ATTACKERKB	CVE-2018-19943	28 Oct 202000:00	–	attackerkb
Circl	CVE-2018-19943	8 Jun 202008:30	–	circl
CISA KEV Catalog	QNAP NAS File Station Cross-Site Scripting Vulnerability	24 May 202200:00	–	cisa_kev
Check Point Advisories	QNAP FileStation Cross Site Scripting (CVE-2018-19943)	27 Jun 202200:00	–	checkpoint_advisories
Cvelist	CVE-2018-19943	28 Oct 202017:55	–	cvelist
EUVD	EUVD-2018-11614	7 Oct 202500:30	–	euvd
NVD	CVE-2018-19943	28 Oct 202018:15	–	nvd
OpenVAS	QNAP QTS Multiple Vulnerabilities (QSA-20-01)	26 Jun 202000:00	–	openvas
OSV	CVE-2018-19943	28 Oct 202018:15	–	osv
Prion	Cross site scripting	28 Oct 202018:15	–	prion

NVD

Node

qnap qtsRange<4.2.6

qnap qtsRange4.3.1.0013–4.3.3.1252

qnap qtsRange4.3.4–4.3.4.1282

qnap qtsRange4.3.6–4.3.6.1263

qnap qtsRange4.4.0–4.4.1.1261

qnap qtsRange4.4.2–4.4.2.1270

qnap qtsMatch4.2.6-

qnap qtsMatch4.2.6build_20170517

qnap qtsMatch4.2.6build_20190322

qnap qtsMatch4.2.6build_20190730

qnap qtsMatch4.2.6build_20190921

qnap qtsMatch4.2.6build_20191107

qnap qtsMatch4.2.6build_20200109

qnap qtsMatch4.2.6build_20200421

qnap qtsMatch4.2.6build_20200611

qnap qtsMatch4.2.6build_20200821

[
  {
    "platforms": [
      "build 20200410"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.4.2.1270",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200330"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.4.1.1261",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.3.6.1263",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200408"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.3.4.1282",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200409"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.3.3.1252",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200421"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.2.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/zh-tw/security-advisory/qsa-20-01
cisa	www.cisa.gov/known-exploited-vulnerabilities-catalog

03 Nov 2025 15:06Current

5.5Medium risk

Vulners AI Score5.5

CVSS 23.5

CVSS 3.15.4 - 8

EPSS0.07031

SSVC

cve-2018-19943 xss vulnerability qnap nas qts 4.4.2.1270 qts 4.4.1.1261 qts 4.3.6.1263 qts 4.3.4.1282 qts 4.3.3.1252 qts 4.2.6 nvd