NotCVE - vendor:"Qnap" product:"Qmailagent"

2 results (0.001 seconds)

CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-34358 – CSRF Vulnerability in QmailAgent

https://notcve.org/view.php?id=CVE-2021-34358

20 Nov 2021 — We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and later Ya hemos corregido esta vulnerabilidad en las siguientes versiones de QmailAgent: QmailAgent versiones 3.0.2 ( 25/08/2021) y posteriores • https://www.qnap.com/en/security-advisory/qsa-21-49 • CWE-352: Cross-Site Request Forgery (CSRF) •

CVSS: 6.9EPSS: 0%CPEs: 2EXPL: 0

CVE-2021-34357 – Reflected XSS Vulnerability in QmailAgent

https://notcve.org/view.php?id=CVE-2021-34357

13 Nov 2021 — A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QmailAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QmailAgent: QmailAgent 3.0.2 ( 2021/08/25 ) and later Se ha informado de una vulnerabilidad de tipo cross-site scripting (XSS) que afecta al dispositivo de QNAP que ejecuta QmailAgent. Si es explotada, esta vulnerabilidad permite a atacantes remotos inyect... • https://www.qnap.com/en/security-advisory/qsa-21-47 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •