Stored Cross-Site Scripting Vulnerability in QNAP File Station

Stored Cross-Site Scripting Vulnerability in QNAP File Station

CVE-2020-2503 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. QNAP has already fixed these issues in QES 2.1.1 Build 20201006 and later.

Learn more about our Web Application Penetration Testing UK.