VYPR
Unrated severityNVD Advisory· Published Jan 14, 2022· Updated Sep 17, 2024

Reflected XSS Vulnerability in QcalAgent

CVE-2021-38677

Description

A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Qnap/QcalAgentllm-fuzzy
    Range: <1.1.7
  • QNAP Systems Inc./QcalAgentv5
    Range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.