Medium severity6.1NVD Advisory· Published Nov 27, 2018· Updated Jun 17, 2026
CVE-2018-13329
CVE-2018-13329
Description
Cross-site scripting in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "lines" URL parameter.
Affected products
2= 3.1.03+ 1 more
- (no CPE)range: = 3.1.03
- (no CPE)range: 3.1.03
Patches
Vulnerability mechanics
References
1- blog.securityevaluators.com/vulnerabilities-in-terramaster-tos-3-1-03-fb99cf88b86anvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.