Cross-Site Scripting Vulnerability in File Station 5 by QNAP
CVE-2025-57706
2.2LOW
What is CVE-2025-57706?
A cross-site scripting (XSS) vulnerability has been identified in QNAP's File Station 5, allowing remote attackers who have user account access to exploit this weakness. Attackers can potentially bypass established security measures and gain unauthorized access to sensitive application data. QNAP has addressed this vulnerability in version 5.5.6.5018 and later, emphasizing the importance of keeping software up to date to mitigate risks.
Affected Version(s)
File Station 5 5.5.x < 5.5.6.5018