CVE-2018-0719

Summary

Cross-site Scripting (XSS) vulnerability in NAS devices of QNAP Systems Inc. QTS allows attackers to inject javascript. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version 4.3.4 and prior versions on build 20180710.

Affected Software

VendorProductVersion RangeStatus
QNAP Systems Inc.QTSunspecified <= 4.2.6affected
QNAP Systems Inc.QTSunspecified <= 4.3.3affected
QNAP Systems Inc.QTSunspecified <= 4.3.4affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References