CVE-2024-21897 | QNAP QTS/QuTS hero prior 5.1.6.2722 Build 20240402 cross site scripting (qsa-24-20)

Posted by Angelo Barbosa | Sep 6, 2024 | CVE

A vulnerability was found in QNAP QTS and QuTS hero 4.5.4.2790 Build 20240605/5.1.3.2578 Build 20231110/5.1.4.2596 Build 20231128. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting.

This vulnerability is known as CVE-2024-21897. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-21897 | QNAP QTS/QuTS hero prior 5.1.6.2722 Build 20240402 cross site scripting (qsa-24-20)

Related Posts

CVE-2024-9008 | SourceCodester Best Online News Portal 1.0 Comment Section /news-details.php name sql injection

CVE-2024-27190 | Jean-David Daviet Download Media Plugin up to 1.4.2 on WordPress authorization

CVE-2024-8223 | SourceCodester Music Gallery Site 1.0 Master.php id sql injection

CVE-2024-37880 | Kyber Reference implementation up to 18.x ML-KEM 512 Secret Key ref/poly.c poly_frommsg information exposure