Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-2491

Опубликовано: 10 дек. 2020
Источник: nvd
CVSS3: 6.1
CVSS2: 4.3
EPSS Низкий

Описание

This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. QANP We have already fixed this vulnerability in the following versions of Photo Station. QTS 4.5.1: Photo Station 6.0.12 and later QTS 4.4.3: Photo Station 6.0.12 and later QTS 4.3.6: Photo Station 5.7.12 and later QTS 4.3.4: Photo Station 5.7.13 and later QTS 4.3.3: Photo Station 5.4.10 and later QTS 4.2.6: Photo Station 5.2.11 and later

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*
Версия до 6.0.12 (исключая)
cpe:2.3:o:qnap:qts:4.5.1:*:*:*:*:*:*:*
Конфигурация 2

Одновременно

cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*
Версия до 6.0.12 (исключая)
cpe:2.3:o:qnap:qts:4.4.3:*:*:*:*:*:*:*
Конфигурация 3

Одновременно

cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*
Версия до 5.7.12 (исключая)
cpe:2.3:o:qnap:qts:4.3.6:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*
Версия до 5.7.13 (исключая)
cpe:2.3:o:qnap:qts:4.3.4:*:*:*:*:*:*:*
Конфигурация 5

Одновременно

cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*
Версия до 5.4.10 (исключая)
cpe:2.3:o:qnap:qts:4.3.3:*:*:*:*:*:*:*
Конфигурация 6

Одновременно

cpe:2.3:a:qnap:photo_station:*:*:*:*:*:*:*:*
Версия до 5.2.11 (исключая)
cpe:2.3:o:qnap:qts:4.2.6:*:*:*:*:*:*:*

EPSS

Процентиль: 50%
0.0027
Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79
CWE-79

Связанные уязвимости

github логотип

GHSA-whf5-659f-c55w

github
больше 3 лет назад

This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. QANP We have already fixed this vulnerability in the following versions of Photo Station. QTS 4.5.1: Photo Station 6.0.12 and later QTS 4.4.3: Photo Station 6.0.12 and later QTS 4.3.6: Photo Station 5.7.12 and later QTS 4.3.4: Photo Station 5.7.13 and later QTS 4.3.3: Photo Station 5.4.10 and later QTS 4.2.6: Photo Station 5.2.11 and later

EPSS

Процентиль: 50%
0.0027
Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79
CWE-79