VYPR
Medium severity6.1NVD Advisory· Published Jun 21, 2018· Updated Jun 17, 2026

CVE-2017-13072

CVE-2017-13072

Description

Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote attackers to inject Javascript code.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Qnap/App Centerllm-create
    Range: <=4.2.6 build 20171208, <=4.3.3 build 20171213, <=4.3.4 build 20171223
  • Qnap/Qtsllm-fuzzy
    Range: <=4.2.6 build 20171208, <=4.3.3 build 20171213, <=4.3.4 build 20171223
  • QNAP/App Center in QTSv5
    Range: App Center in QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.