Vulnerability Details CVE-2017-13073
Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 48.3%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2017-13073
-
cpe:2.3:a:qnap:photo_station:5.2.0
-
cpe:2.3:a:qnap:photo_station:5.2.1
-
cpe:2.3:a:qnap:photo_station:5.2.2
-
cpe:2.3:a:qnap:photo_station:5.2.3
-
cpe:2.3:a:qnap:photo_station:5.2.4
-
cpe:2.3:a:qnap:photo_station:5.2.5
-
cpe:2.3:a:qnap:photo_station:5.2.6
-
cpe:2.3:a:qnap:photo_station:5.2.7
-
cpe:2.3:a:qnap:photo_station:5.4.0
-
cpe:2.3:a:qnap:photo_station:5.4.1
-
cpe:2.3:a:qnap:photo_station:5.4.2
-
cpe:2.3:a:qnap:photo_station:5.4.3