Medium severity4.8NVD Advisory· Published Mar 20, 2026· Updated Jun 9, 2026
CVE-2026-22895
CVE-2026-22895
Description
A cross-site scripting (XSS) vulnerability has been reported to affect QuFTP Service. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data.
We have already fixed the vulnerability in the following versions: QuFTP Service 1.4.3 and later QuFTP Service 1.5.2 and later QuFTP Service 1.6.2 and later
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: >=1.4.3, >=1.5.2, >=1.6.2
Patches
Vulnerability mechanics
References
1- www.qnap.com/en/security-advisory/qsa-26-15nvdVendor Advisory
News mentions
0No linked articles in our index yet.