If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:HQnap Qes
APPQnap2.1.1< 2.1.1
Powiązane podatności
A hard-coded password vulnerability has been reported to affect earlier versions of QES. If exploited, this vu...
If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Stati...
If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error m...
An externally controlled reference to a resource vulnerability has been reported to affect QNAP NAS running Ph...
An improper authorization vulnerability has been reported to affect QNAP NAS running HBS 3 (Hybrid Backup Sync...