XSS in Qnap Systems Inc. Quftp Service

CVE-2026-22895

A cross-site scripting (XSS) vulnerability has been reported to affect QuFTP Service. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.001 (25.7th percentile) — read the EPSS interpretation.