Cross-Site Scripting Vulnerability in License Center by QNAP
CVE-2024-50406

2LOW

Key Information:

Vendor: QNAP
Status: License Center
Vendor: CVE Published:; 6 June 2025

What is CVE-2024-50406?

A cross-site scripting (XSS) vulnerability in License Center may allow remote attackers, who have obtained user access, to bypass security mechanisms or access sensitive application data. Users are urged to update to License Center version 1.9.49 or later to mitigate this risk. For more details, please refer to QNAP's security advisory.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

License Center 1.9.x < 1.9.49

References

https://www.qnap.com/en/security-advisory/qsa-25-11

CVSS V4

Score:

Severity:

LOW

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Jun 6, 2025
Vulnerability Reserved
Oct 24, 2024

Credit

Searat and izut

JSON

QNAP