Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistQnapCVELIST:CVE-2018-19953
HistoryOct 28, 2020 - 5:55 p.m.

CVE-2018-19953

2020-10-2817:55:18
CWE-80
CWE-79
qnap
www.cve.org

6.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.0%

JSON

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.

CNA Affected

[
  {
    "platforms": [
      "build 20200302"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.4.2.1231",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200130"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.4.1.1201",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200214"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.3.6.1218",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200107"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.3.4.1190",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  },
  {
    "platforms": [
      "build 20200109"
    ],
    "product": "QTS",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "lessThan": "4.3.3.1161",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      },
      {
        "lessThan": "4.2.6",
        "status": "affected",
        "version": "unspecified",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
nvd 1
attackerkb 1
checkpoint_advisories 1
cisa_kev 1
cve 1
nessus 1
openvas 1
prion
prion
Cross site scripting
2020-10-28 18:15:00
nvd
nvd
CVE-2018-19953
2020-10-28 18:15:12
attackerkb
attackerkb
CVE-2018-19953
2020-10-28 00:00:00
checkpoint_advisories
checkpoint_advisories
QNAP FileStation Cross Site Scripting (CVE-2018-19953)
2022-06-07 00:00:00
cisa_kev
cisa_kev
QNAP NAS File Station Cross-Site Scripting Vulnerability
2022-05-24 00:00:00
cve
cve
CVE-2018-19953
2020-10-28 18:15:12
nessus
nessus
QNAP QTS Multiple Vulnerabilities in File Station (QSA-20-01)
2022-05-26 00:00:00
openvas
openvas
QNAP QTS Multiple Vulnerabilities (QSA-20-01)
2020-06-26 00:00:00

6.5 Medium

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

73.0%

JSON
Related for CVELIST:CVE-2018-19953
prion1nvd1attackerkb1checkpoint_advisories1cisa_kev1cve1nessus1openvas1