CVE-2023-23354
CVE-2023-23354
Título es
CVE-2023-23354
Jue, 19/12/2024 – 02:15
Tipo
CWE-79
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2023-23354
Descripción en
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data.
We have already fixed the vulnerability in the following versions:
QuLog Center 1.5.0.738 ( 2023/03/06 ) and later
QuLog Center 1.4.1.691 ( 2023/03/01 ) and later
QuLog Center 1.3.1.645 ( 2023/02/22 ) and later
19/12/2024
19/12/2024
Vector CVSS:3.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Gravedad 3.1 (CVSS 3.1 Base Score)
7.30
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
HIGH
Enviar en el boletín
Off
