CVE-2023-23354

HIGH Year: 2023
CVSS v3 Score
7.3
High
Weakness Type
CWE-79
View all →

Vulnerability Description

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following versions: QuLog Center 1.5.0.738 ( 2023/03/06 ) and later QuLog Center 1.4.1.691 ( 2023/03/01 ) and later QuLog Center 1.3.1.645 ( 2023/02/22 ) and later

Related Vulnerabilities

CVE-2019-10049

HIGH
CVSS:7.3(High)

It is possible for an attacker with regular user access to the web application of Pydio through 8.2.2 to trick an administrator user into opening a link shared through the application, that in turn op...

CWE-792019

CVE-2019-17331

HIGH
CVSS:7.3(High)

The Data Exchange Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripting (XSS)...

CWE-792019

CVE-2019-17332

HIGH
CVSS:7.3(High)

The Digital Asset Manager Web Interface component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains a vulnerability that theoretically allows authenticated users to perform stored cross-site scripti...

CWE-792019

CVE-2019-17338

HIGH
CVSS:7.3(High)

The user interface component of TIBCO Software Inc.'s TIBCO Patterns - Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting ...

CWE-792019

CVE-2020-15154

HIGH
CVSS:7.3(High)

baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components are: content_fields...

CWE-792020

CVE-2020-15155

HIGH
CVSS:7.3(High)

baserCMS 4.3.6 and earlier is affected by Cross Site Scripting (XSS) via arbitrary script execution. Admin access is required to exploit this vulnerability. The affected components is toolbar.php. The...

CWE-792020