CVE-2019-7184

Summary

This cross-site scripting (XSS) vulnerability in Video Station allows remote attackers to inject and execute scripts on the administrator’s management console. To fix this vulnerability, QNAP recommend updating Video Station to their latest versions.

Affected Software

VendorProductVersion RangeStatus
n/aQNAP NAS devices running Video StationQTS 4.4.1: Video Station before version 5.4.3, QTS 4.3.4 - QTS 4.4.0: Video Station before version 5.3.10affected

Weaknesses

  • Cross-site Scripting (XSS)

ADP Enrichment

CVE Program Container

Additional References

References