VYPR
Medium severity6.1NVD Advisory· Published Aug 27, 2018· Updated Jun 17, 2026

CVE-2018-15699

CVE-2018-15699

Description

ASUSTOR Data Master 3.1.5 and below makes an HTTP request for a configuration file that is vulnerable to XSS. A man in the middle can take advantage of this by inserting Javascript into the configuration files Version field.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Range: <=3.1.5
  • Tenable/ASUSTOR Data Masterv5
    Range: 3.1.5 and below

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.