Search

安全ID : QSA-21-30

Stored XSS Vulnerability in QuLog Center

  • 发布日期 : July 1, 2021

  • 通用漏洞披露 : CVE-2020-36196

  • 受影响产品: QNAP NAS running QuLog Center

严重程度

Moderate

状态

已解决

Summary

A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows attackers to inject malicious code.


We have already fixed this vulnerability in the following versions:


  • QuLog Center 1.2.0 and later

Recommendation

To fix the vulnerability, we recommend updating QuLog Center to the latest version.


Updating QuLog Center

  1. Log on to QTS or QuTS hero as administrator.
  2. Open the App Center, and then click .
    A search box appears.
  3. Type “QuLog Center”, and then press ENTER.
    The QuLog Center application appears in the search results.
  4. Click Update.
    A confirmation message appears.
    Note: The Update button is not available if you are using the latest version.
  5. Click OK.
    The application is updated.

致谢: Jan Hoff

修订历史: V1.0 (July 1, 2021) - Published

选择规格

      显示更多 隐藏更多
      open menu
      back to top