Описание
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Одновременно
EPSS
5.3 Medium
CVSS3
5.4 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.
Уязвимость базы данных Ragic Cloud DB сетевого хранилища QNAP NAS, позволяющая нарушителю провести атаку межсайтового скриптинга (XSS)
EPSS
5.3 Medium
CVSS3
5.4 Medium
CVSS3
4.3 Medium
CVSS2