CVE-2018-0719 MEDIUM

CVE-2018-0719: Security Advisory for Vulnerabilities in QTS

Vendor Qnap Systems Inc.
Product QTS
Weakness CWE-79 · XSS
Published November 27, 2018
Last update September 16, 2024

CVSS base score

5.5/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction Required
Confidentiality Low
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L

What the vulnerability does

01Description

Cross-site Scripting (XSS) vulnerability in NAS devices of QNAP Systems Inc. QTS allows attackers to inject javascript. This issue affects: QNAP Systems Inc. QTS version 4.2.6 and prior versions on build 20180711; version 4.3.3 and prior versions on build 20180725; version 4.3.4 and prior versions on build 20180710.

Key dates

02Disclosure timeline

November 27, 2018 CVE published
September 16, 2024 Record updated

Related vulnerabilities

04Related CVE