CVE-2018-19956

Summary

The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. If exploited, the vulnerability could allow remote attackers to inject malicious code. This issue affects: QNAP Systems Inc. Photo Station versions prior to 5.7.11; versions prior to 6.0.10.

Affected Software

VendorProductVersion RangeStatus
QNAP Systems Inc.Photo Stationunspecified < 5.7.11affected
QNAP Systems Inc.Photo Stationunspecified < 6.0.10affected

Weaknesses

  • CWE-79: CWE-79 Cross-site Scripting (XSS)
  • CWE-80: CWE-80 Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)

ADP Enrichment

CVE Program Container

Additional References

References