Vulnerability in Qnap Q'center Virtual Appliance
CVE-2018-0723
Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different vulnerability than CVE-2018-0724.
EPSS: 0.003 (50.9th percentile) — read the EPSS interpretation.
Affected products
- Qnap Q'center Virtual Appliance — versions Q'center Virtual Appliance 1.8.1014 and earlier versions
References
- www.qnap.com/zh-tw/security-advisory/nas-201812-26 (x_refsource_CONFIRM)