CVE-2019-10634
published 2019-04-09CVE-2019-10634: An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user…
medium5.4CVSS 3.0
AVNACLPRLUIRSCCLILAN
An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| zyxel | nas326_firmware | <= 5.21 | — |