Qes Security Vulnerabilities - CVSS Score 9 - 10

CVE-2020-2503

If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.