CVE-2018-19948
2
CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:L/A:N
Summary
The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow attackers to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| QNAP Systems Inc. | Helpdesk | unspecified < 3.0.3 | affected |
Weaknesses
- CWE-352: CWE-352 Cross-Site Request Forgery (CSRF)
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.