Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Cross-site scripting vulnerability in QTS and QuTS hero
Vulnerability Description
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QANP have already fixed these vulnerabilities in the following versions of QTS and QuTS hero. QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 build 20200702 and later QTS 4.3.6.1333 build 20200608 and later QTS 4.3.4.1368 build 20200703 and later QTS 4.3.3.1315 build 20200611 and later QTS 4.2.6 build 20200611 and later
CVSS Information
N/A
Vulnerability Type
在Web页面生成时对输入的转义处理不恰当(跨站脚本)
Vulnerability Title
QNAP Systems 多款产品跨站脚本漏洞
Vulnerability Description
Qnap Systems QNAP QTS是中国威联通(Qnap Systems)公司的一套Turbo NAS作业系统。该系统可提供档案储存、管理、备份,多媒体应用及安全监控等功能。 QNAP Systems 多款产品存在跨站脚本漏洞,攻击者可利用该漏洞在证书配置中注入恶意代码。以下产品及版本受到影响:QuTS hero h4.5.1.1472 build 20201031 and later QTS 4.5.1.1456 build 20201015 and later QTS 4.4.3.1354 b
CVSS Information
N/A
Vulnerability Type
N/A