Description
A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuLog Center 1.8.0.872 ( 2024/06/17 ) and later QuLog Center 1.7.0.827 ( 2024/06/17 ) and later
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
Required
Scope
Changed
Confidentiality
Low
Integrity
High
Availability
High
Affected products
- QNAP Systems Inc. / QuLog Center1.8.x.x – 1.8.0.872 ( 2024/06/17 )
- QNAP Systems Inc. / QuLog Center1.7.x.x – 1.7.0.827 ( 2024/06/17 )