CVE-2018-19948
published 2020-09-11CVE-2018-19948: The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow…
medium6.5CVSS 3.1
AVNACLPRNUIRSUCNIHAN
The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow attackers to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| qnap | helpdesk | < 3.0.3 | 3.0.3 |
| qnap_systems_inc | helpdesk | >= unspecified < 3.0.3 | 3.0.3 |