3 matches found
Qnap QuTS hero Cross-site Scripting (CVE-2020-2497)
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build...
CVE-2020-2497
creationtimestamp| type| source ---|---|--- 2020-12-10 07:33:29+00:00| seen| https://t.me/cibsecurity/18558 2020-12-10 07:36:29+00:00| seen| https://t.me/cibsecurity/18578 2020-12-10 08:25:27+00:00| seen| https://t.me/cibsecurity/18598 2020-12-10 09:25:17+00:00| seen| https://t.me/cibsecurity/186...
CVE-2020-2497
The CVE-2020-2497 entry describes a cross-site scripting (XSS) vulnerability in QTS/QuTS Hero where remote attackers could inject malicious code into System Connection Logs. Affected products include QTS and QuTS Hero with multiple fixed versions listed: QuTS hero h4.5.1.1472 build 20201031 and l...