CVE-2024-21897

🗓️ 06 Sep 2024 16:26:19Reported by qnapType

A cross-site scripting vulnerability affects multiple QNAP OS version

Reporter	Title	Published	Views	Family All 10
Circl	CVE-2024-21897	6 Sep 202419:57	–	circl
CNNVD	QNAP QTS 和QuTS hero 跨站脚本漏洞	6 Sep 202400:00	–	cnnvd
Cvelist	CVE-2024-21897 QTS, QuTS hero	6 Sep 202416:26	–	cvelist
EUVD	EUVD-2024-19508	3 Oct 202520:07	–	euvd
NVD	CVE-2024-21897	6 Sep 202417:15	–	nvd
OSV	CVE-2024-21897	6 Sep 202417:15	–	osv
Positive Technologies	PT-2024-19114 · Qnap · Qnap Qts +1	6 Sep 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-21897	5 Feb 202511:08	–	redhatcve
Tenable Nessus	Qnap QTS Cross-site Scripting (CVE-2024-21897)	16 Oct 202400:00	–	nessus
Vulnrichment	CVE-2024-21897 QTS, QuTS hero	6 Sep 202416:26	–	vulnrichment

NVD

Node

qnap qtsMatch5.1.0.2348build_20230325

qnap qtsMatch5.1.0.2399build_20230515

qnap qtsMatch5.1.0.2418build_20230603

qnap qtsMatch5.1.0.2444build_20230629

qnap qtsMatch5.1.0.2466build_20230721

qnap qtsMatch5.1.1.2491build_20230815

qnap qtsMatch5.1.2.2533build_20230926

qnap qtsMatch5.1.3.2578build_20231110

qnap qtsMatch5.1.4.2596build_20231128

qnap qtsMatch5.1.5.2645build_20240116

qnap qtsMatch5.1.5.2679build_20240219

Node

qnap quts_heroMatchh5.1.0.2409build_20230525

qnap quts_heroMatchh5.1.0.2424build_20230609

qnap quts_heroMatchh5.1.0.2453build_20230708

qnap quts_heroMatchh5.1.0.2466build_20230721

qnap quts_heroMatchh5.1.1.2488build_20230812

qnap quts_heroMatchh5.1.2.2534build_20230927

qnap quts_heroMatchh5.1.3.2578build_20231110

qnap quts_heroMatchh5.1.4.2596build_20231128

qnap quts_heroMatchh5.1.5.2647build_20240118

qnap quts_heroMatchh5.1.5.2680build_20240220

[
  {
    "defaultStatus": "unaffected",
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "5.1.6.2722 build 20240402",
        "status": "affected",
        "version": "5.1.x",
        "versionType": "custom"
      }
    ]
  },
  {
    "defaultStatus": "unaffected",
    "product": "QuTS hero",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "h5.1.6.2734 build 20240414",
        "status": "affected",
        "version": "h5.1.x",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
qnap	www.qnap.com/en/security-advisory/qsa-24-20

11 Sep 2024 13:34Current

6.4Medium risk

Vulners AI Score6.4

CVSS 3.15.4 - 8.9

EPSS0.00979

SSVC

CWE-79