CVE-2020-2494 Cross-site Scripting Vulnerability in Music Station

2020-12-0700:00:00

CWE-80

CWE-79

qnap

www.cve.org

0.001 Low

EPSS

Percentile

45.3%

JSON

This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the following versions of Music Station. QuTS hero h4.5.1: Music Station 5.3.13 and later QTS 4.5.1: Music Station 5.3.12 and later QTS 4.4.3: Music Station 5.3.12 and later

CNA Affected

[
  {
    "product": "Music Station",
    "vendor": "QNAP Systems Inc.",
    "versions": [
      {
        "status": "affected",
        "version": "< 5.3.13"
      },
      {
        "status": "affected",
        "version": "< 5.3.12"
      }
    ]
  }
]

References

www.qnap.com/en/security-advisory/qsa-20-13

0.001 Low

EPSS

Percentile

45.3%

JSON

Related for CVELIST:CVE-2020-2494