Total vulnerabilities in the database
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network.
We have already fixed the vulnerability in the following versions: QTS 5.1.6.2722 build 20240402 and later QuTS hero h5.1.6.2734 build 20240414 and later
| Software | From | Fixed in |
|---|---|---|
| qnap / qts | 5.1.0.2348-build_20230325 | 5.1.0.2348-build_20230325.x |
| qnap / qts | 5.1.0.2418-build_20230603 | 5.1.0.2418-build_20230603.x |
| qnap / qts | 5.1.0.2399-build_20230515 | 5.1.0.2399-build_20230515.x |
| qnap / qts | 5.1.0.2466-build_20230721 | 5.1.0.2466-build_20230721.x |
| qnap / qts | 5.1.1.2491-build_20230815 | 5.1.1.2491-build_20230815.x |
| qnap / qts | 5.1.0.2444-build_20230629 | 5.1.0.2444-build_20230629.x |
| qnap / qts | 5.1.2.2533-build_20230926 | 5.1.2.2533-build_20230926.x |
| qnap / qts | 5.1.3.2578-build_20231110 | 5.1.3.2578-build_20231110.x |
| qnap / qts | 5.1.4.2596-build_20231128 | 5.1.4.2596-build_20231128.x |
| qnap / qts | 5.1.5.2645-build_20240116 | 5.1.5.2645-build_20240116.x |
| qnap / qts | 5.1.5.2679-build_20240219 | 5.1.5.2679-build_20240219.x |
| qnap / quts_hero | h5.1.0.2409-build_20230525 | h5.1.0.2409-build_20230525.x |
| qnap / quts_hero | h5.1.1.2488-build_20230812 | h5.1.1.2488-build_20230812.x |
| qnap / quts_hero | h5.1.0.2466-build_20230721 | h5.1.0.2466-build_20230721.x |
| qnap / quts_hero | h5.1.0.2453-build_20230708 | h5.1.0.2453-build_20230708.x |
| qnap / quts_hero | h5.1.0.2424-build_20230609 | h5.1.0.2424-build_20230609.x |
| qnap / quts_hero | h5.1.3.2578-build_20231110 | h5.1.3.2578-build_20231110.x |
| qnap / quts_hero | h5.1.2.2534-build_20230927 | h5.1.2.2534-build_20230927.x |
| qnap / quts_hero | h5.1.4.2596-build_20231128 | h5.1.4.2596-build_20231128.x |
| qnap / quts_hero | h5.1.5.2647-build_20240118 | h5.1.5.2647-build_20240118.x |
| qnap / quts_hero | h5.1.5.2680-build_20240220 | h5.1.5.2680-build_20240220.x |