cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-23354,https://securityvulnerability.io/vulnerability/CVE-2023-23354,Cross-Site Scripting Vulnerability in QNAP Operating Systems,"CVE-2023-23354 describes a high-severity cross-site scripting (XSS) vulnerability present in several versions of QNAP's QuLog Center. This flaw allows remote attackers who have gained user access to bypass essential security measures and potentially read sensitive application data. Since the vulnerability may be exploited via malicious scripts, it poses a significant threat to user security and privacy. QNAP has released patches in versions QuLog Center 1.5.0.738 and later, QuLog Center 1.4.1.691 and later, and QuLog Center 1.3.1.645 and later to mitigate these risks. Users are strongly advised to upgrade to the latest versions to ensure their systems are secure.",QNAP,Qulog Center,7.3,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-12-19T01:39:27.208Z,0
CVE-2023-23357,https://securityvulnerability.io/vulnerability/CVE-2023-23357,Cross-Site Scripting Vulnerability in QNAP Products,"CVE-2023-23357 describes a critical cross-site scripting (XSS) vulnerability found in various QNAP QuLog Center operating system versions. Remote attackers with administrative access can exploit this flaw to bypass existing security mechanisms and potentially access sensitive application data. It is crucial for users of affected versions to update to the latest releases where this vulnerability has been resolved. QNAP has released patches in versions QuLog Center 1.5.0.738 (released on March 6, 2023), 1.4.1.691 (released on March 1, 2023), and 1.3.1.645 (released on February 22, 2023) to address this security concern. For further details and assistance, refer to QNAP's security advisory.",QNAP,Qulog Center,4.8,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-12-19T01:39:02.809Z,0
CVE-2024-32762,https://securityvulnerability.io/vulnerability/CVE-2024-32762,QuLog Center XSS Vulnerability,"A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow users to inject malicious code via a network.

We have already fixed the vulnerability in the following versions:
QuLog Center 1.8.0.872 ( 2024/06/17 ) and later
QuLog Center 1.7.0.827 ( 2024/06/17 ) and later",QNAP,Qulog Center,6.1,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-09-06T16:27:22.225Z,0
CVE-2020-36196,https://securityvulnerability.io/vulnerability/CVE-2020-36196,Stored XSS Vulnerability in QuLog Center,"A stored XSS vulnerability has been reported to affect QNAP NAS running QuLog Center. If exploited, this vulnerability allows attackers to inject malicious code. This issue affects: QNAP Systems Inc. QuLog Center versions prior to 1.2.0.",QNAP,Qulog Center,6.1,MEDIUM,0.000750000006519258,false,false,false,false,,false,false,2021-07-01T00:00:00.000Z,0