CVE-2024-50406

CWE-79Cross-site Scripting (XSS)3 documents3 sources
Severity
2.0LOW
EPSS
0.3%
top 44.33%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Qnap Systems Inc. License CenterQnap License Center
Timeline
PublishedJun 6

Description

A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version: License Center 1.9.49 and later

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:A/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Affected Packages2 packages

NVDqnap/license_center1.9.361.9.49
CVEListV5qnap_systems_inc./license_center1.9.x1.9.49

🔴Vulnerability Details

2
GHSA
GHSA-39w6-236w-7r42: A cross-site scripting (XSS) vulnerability has been reported to affect License Center2025-06-06
CVEList
License Center2025-06-06
CVE-2024-50406 (LOW CVSS 2) | A cross-site scripting (XSS) vulner | cvebase.io