VYPR
Unrated severityNVD Advisory· Published Nov 30, 2018· Updated Aug 5, 2024

CVE-2018-0716

CVE-2018-0716

Description

Cross-site scripting vulnerability in QTS 4.2.6 build 20180711, QTS 4.3.3: Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5: Qsync Central 3.0.4 and earlier versions could allow remote attackers to inject Javascript code in the compromised application.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Qnap/Qtsllm-fuzzy
    Range: 4.2.6 build 20180711, 4.3.3, 4.3.4, 4.3.5
  • Qnap/Qsync Centralllm-fuzzy2 versions
    <=3.0.4+ 1 more
    • (no CPE)range: <=3.0.4
    • (no CPE)range: QTS 4.2.6 build 20180711, QTS 4.3.3 Qsync Central 3.0.2, QTS 4.3.4: Qsync Central 3.0.3, QTS 4.3.5 Qsync Central 3.0.4 and earlier versions

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.