NotCVE - vendor:"Qnap" product:"Nas Proxy Server" version:" >= 1.4.0

3 results (0.002 seconds)

CVSS: 8.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2021-34360 – CSRF Bypass in Proxy Server

https://notcve.org/view.php?id=CVE-2021-34360

26 May 2022 — A cross-site request forgery (CSRF) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later QuTS hero h5.0.0: Proxy Server 1.4.3 ( 2022/01/18 ) and later QuTScloud c4.5.6: Proxy Server 1.4.2 ( 2021/12/30 ) and later Se ha informado de una vulnerabilidad de tipo cross-si... • https://www.qnap.com/en/security-advisory/qsa-22-18 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-34361 – Reflected XSS Vulnerability in Proxy Server

https://notcve.org/view.php?id=CVE-2021-34361

25 Feb 2022 — A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later Se ha informado de una vulnerabilidad de tipo cross-site scripting (XSS) que afecta al dispositivo de QNAP que ejecuta Proxy Server. Si es explotado, esta vulnerabilidad permite a ataca... • https://www.qnap.com/en/security-advisory/qsa-22-04 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-34359 – Stored XSS Vulnerability in Proxy Server

https://notcve.org/view.php?id=CVE-2021-34359

25 Feb 2022 — A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running Proxy Server. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of Proxy Server: QTS 4.5.x: Proxy Server 1.4.2 ( 2021/12/30 ) and later Se ha informado de una vulnerabilidad de tipo cross-site scripting (XSS) que afecta al dispositivo QNAP que ejecuta Proxy Server. Si es explotado, esta vulnerabilidad permite a atacante... • https://www.qnap.com/en/security-advisory/qsa-22-04 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •