CVE-2024-32762

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
6.1MEDIUM
EPSS
0.8%
top 25.58%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems Inc. Qulog CenterQnap Qulog Center
Timeline
PublishedSep 6

Description

A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QuLog Center 1.8.0.872 ( 2024/06/17 ) and later QuLog Center 1.7.0.827 ( 2024/06/17 ) and later

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:H/A:HExploitability: 1.6 | Impact: 6.0

Affected Packages2 packages

NVDqnap/qulog_center1.7.01.7.0.827+1
CVEListV5qnap_systems_inc./qulog_center1.8.x.x1.8.0.872 ( 2024/06/17 )+1

🔴Vulnerability Details

2
GHSA
GHSA-3vff-2vjg-jh5h: A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center2024-09-06
CVEList
QuLog Center2024-09-06
CVE-2024-32762 (MEDIUM CVSS 6.1) | A cross-site scripting (XSS) vulner | cvebase.io