Search

安全ID : QSA-21-31

Stored XSS Vulnerability in Q'center

  • 发布日期 : July 1, 2021

  • 通用漏洞披露 : CVE-2021-28803

  • 受影响产品: QNAP NAS running Q'center

严重程度

Moderate

状态

已解决

Summary

A stored XSS vulnerability has been reported to affect QNAP NAS running Q'center. If exploited, this vulnerability allows attackers to inject malicious code.


We have already fixed this vulnerability in the following versions:


  • Q'center 1.11.1004 and later

Recommendation

To fix the vulnerability, we recommend updating Q'center to the latest version.


Updating Q'center

  1. Log on to QTS or QuTS hero as administrator.
  2. Open the App Center, and then click .
    A search box appears.
  3. Type “Q'center”, and then press ENTER.
    The Q'center application appears in the search results.
  4. Click Update.
    A confirmation message appears.
    Note: The Update button is not available if you are using the latest version.
  5. Click OK.
    The application is updated.

致谢: Jan Hoff

修订历史: V1.0 (July 1, 2021) - Published

选择规格

      显示更多 隐藏更多
      open menu
      back to top