A cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Photo Station. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Photo Station: Photo Station 5.4.10 ( 2021/08/19 ) and later Photo Station 5.7.13 ( 2021/08/19 ) and later Photo Station 6.0.18 ( 2021/09/01 ) and later
References
Link Resource
https://www.qnap.com/en/security-advisory/qsa-21-42 Mitigation Vendor Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: qnap

Published: 2021-10-01T00:00:00

Updated: 2021-10-01T02:50:17

Reserved: 2021-06-08T00:00:00


Link: CVE-2021-34355

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2021-10-01T03:15:06.743

Modified: 2021-10-04T15:51:35.517


Link: CVE-2021-34355

JSON object: View

cve-icon Redhat Information

No data.

CWE