3 matches found
Qnap QTS Cross-site Scripting (CVE-2023-23372)
A cross-site scripting XSS vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 a...
QNAP QTS XSS Vulnerability (QSA-23-40)
QNAP QTS is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:qnap:qts";...
CVE-2023-23372
CVE-2023-23372 is an XSS vulnerability reported to affect several QNAP OS lines, notably QTS and QuTS hero. The incident affects multiple versions with remote network exposure and requires user interaction for exploitation as per the cited metrics. The breach could allow injection of malicious co...