Cross-Site Scripting Vulnerability in QNAP Photo Station
CVE-2024-32770
Currently unrated
Summary
A cross-site scripting (XSS) vulnerability has been identified in QNAP's Photo Station, enabling remote attackers with authenticated user access to inject and execute malicious scripts. This flaw poses a security risk, potentially leading to unauthorized access to sensitive information or system compromise. Users are encouraged to update to the latest version, Photo Station 6.4.3 or later, to mitigate this vulnerability. For further details, refer to QNAP's security advisory.
References
Timeline
Vulnerability published