CVE-2017-7634

Summary

Cross-site scripting (XSS) vulnerability in QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows remote attackers to inject arbitrary web script or HTML. The injected code will only be triggered by a crafted link, not the normal page.

Affected Software

VendorProductVersion RangeStatus
QNAPQNAP Media Streaming Add-On421.1.0.2, 430.1.2.0, and earlieraffected

Weaknesses

  • Cross-site scripting

ADP Enrichment

CVE Program Container

Additional References

References