CVE-2020-2494

CVE-2020-2494: Cross-site Scripting Vulnerability in Music Station

Vendor Qnap Systems Inc.
Product Music Station
Weakness CWE-79 · XSS
Published December 10, 2020
Last update September 17, 2024

CVSS base score

What the vulnerability does

01Description

This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in the following versions of Music Station. QuTS hero h4.5.1: Music Station 5.3.13 and later QTS 4.5.1: Music Station 5.3.12 and later QTS 4.4.3: Music Station 5.3.12 and later

Key dates

02Disclosure timeline

December 10, 2020 CVE published
September 17, 2024 Record updated

Related vulnerabilities

04Related CVE