Vulnerabilities > Qnap > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-01 | CVE-2020-36194 | Cross-site Scripting vulnerability in Qnap QTS and Quts Hero An XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. | 6.1 |
| 2021-07-01 | CVE-2020-36196 | Cross-site Scripting vulnerability in Qnap Qulog Center 1.1.491 A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. | 6.1 |
| 2021-07-01 | CVE-2021-28803 | Cross-site Scripting vulnerability in Qnap Q'Center This issue affects: QNAP Systems Inc. | 5.4 |
| 2021-06-16 | CVE-2021-28815 | Insecure Storage of Sensitive Information vulnerability in Qnap Myqnapcloud Link Insecure storage of sensitive information has been reported to affect QNAP NAS running myQNAPcloud Link. | 4.9 |
| 2021-06-11 | CVE-2021-28805 | Information Exposure vulnerability in Qnap QSS 1.0.2/1.0.3 Inclusion of sensitive information in the source code has been reported to affect certain QNAP switches running QSS. | 5.5 |
| 2021-06-03 | CVE-2021-28806 | Cross-site Scripting vulnerability in Qnap QTS A DOM-based XSS vulnerability has been reported to affect QNAP NAS running QTS and QuTS hero. | 5.4 |
| 2021-06-03 | CVE-2021-28807 | Cross-site Scripting vulnerability in Qnap Q'Center A post-authentication reflected XSS vulnerability has been reported to affect QNAP NAS running Q’center. | 5.4 |
| 2021-05-13 | CVE-2020-36198 | OS Command Injection vulnerability in Qnap Malware Remover A command injection vulnerability has been reported to affect certain versions of Malware Remover. | 6.7 |
| 2021-04-16 | CVE-2018-19942 | Cross-site Scripting vulnerability in Qnap QTS A cross-site scripting (XSS) vulnerability has been reported to affect earlier versions of File Station. | 6.1 |
| 2021-02-17 | CVE-2020-2502 | Cross-site Scripting vulnerability in Qnap Photo Station This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code. | 6.1 |