安全ID : QSA-24-30
Vulnerability in QuLog Center
发布日期 : September 7, 2024
通用漏洞披露 : CVE-2024-32762
受影响产品: QuLog Center 1.8.x, 1.7.x
严重程度
Moderate
状态
已解决
Summary
A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers to inject malicious code.
We have already fixed the vulnerability in the following versions:
| Affected Product | Fixed Version |
| QuLog Center 1.8.x | QuLog Center 1.8.0.872 (2024/06/17) and later |
| QuLog Center 1.7.x | QuLog Center 1.7.0.827 (2024/06/17) and later |
Recommendation
To fix the vulnerability, we recommend updating QuLog Center to the latest version.
Updating QuLog Center
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "QuLog Center" and then press ENTER.
QuLog Center appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your QuLog Center is already up to date. - Click OK.
The application is updated.
附件
致谢: Aliz Hammond of watchTowr
修订历史:
V1.0 (September 07, 2024) - Published
