CVE-2015-5664 — Cross-site Scripting in Qnap QTS
Severity
6.1MEDIUMNVD
EPSS
0.3%
top 45.87%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJul 3
Latest updateMay 17
Description
Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS before 4.2.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 2.8 | Impact: 2.7