Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

github логотип

GHSA-gpr8-jxh8-2pch

Опубликовано: 24 мая 2022
Источник: github
Github: Не прошло ревью

Описание

A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.

A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.

Ссылки

EPSS

Процентиль: 48%
0.00249
Низкий

CVE ID

CVE-2021-38681

Дефекты

CWE-79

Связанные уязвимости

nvd логотип

CVE-2021-38681

CVSS3: 5.3
nvd
около 4 лет назад

A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.

fstec логотип

BDU:2023-00605

CVSS3: 5.4
fstec
около 3 лет назад

Уязвимость базы данных Ragic Cloud DB сетевого хранилища QNAP NAS, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)

EPSS

Процентиль: 48%
0.00249
Низкий

CVE ID

CVE-2021-38681

Дефекты

CWE-79