Vulnerability Details CVE-2018-0715
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.067
EPSS Ranking 91.1%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
Products affected by CVE-2018-0715
-
cpe:2.3:a:qnap:photo_station:-
-
cpe:2.3:a:qnap:photo_station:5.2.0
-
cpe:2.3:a:qnap:photo_station:5.2.1
-
cpe:2.3:a:qnap:photo_station:5.2.10
-
cpe:2.3:a:qnap:photo_station:5.2.11
-
cpe:2.3:a:qnap:photo_station:5.2.12
-
cpe:2.3:a:qnap:photo_station:5.2.13
-
cpe:2.3:a:qnap:photo_station:5.2.14
-
cpe:2.3:a:qnap:photo_station:5.2.2
-
cpe:2.3:a:qnap:photo_station:5.2.3
-
cpe:2.3:a:qnap:photo_station:5.2.4
-
cpe:2.3:a:qnap:photo_station:5.2.5
-
cpe:2.3:a:qnap:photo_station:5.2.6
-
cpe:2.3:a:qnap:photo_station:5.2.7
-
cpe:2.3:a:qnap:photo_station:5.2.8
-
cpe:2.3:a:qnap:photo_station:5.2.9
-
cpe:2.3:a:qnap:photo_station:5.3.4
-
cpe:2.3:a:qnap:photo_station:5.3.5
-
cpe:2.3:a:qnap:photo_station:5.3.6
-
cpe:2.3:a:qnap:photo_station:5.4.0
-
cpe:2.3:a:qnap:photo_station:5.4.1
-
cpe:2.3:a:qnap:photo_station:5.4.10
-
cpe:2.3:a:qnap:photo_station:5.4.11
-
cpe:2.3:a:qnap:photo_station:5.4.12
-
cpe:2.3:a:qnap:photo_station:5.4.13
-
cpe:2.3:a:qnap:photo_station:5.4.15
-
cpe:2.3:a:qnap:photo_station:5.4.2
-
cpe:2.3:a:qnap:photo_station:5.4.3
-
cpe:2.3:a:qnap:photo_station:5.4.4
-
cpe:2.3:a:qnap:photo_station:5.4.5
-
cpe:2.3:a:qnap:photo_station:5.4.6
-
cpe:2.3:a:qnap:photo_station:5.4.7
-
cpe:2.3:a:qnap:photo_station:5.4.8
-
cpe:2.3:a:qnap:photo_station:5.4.9
-
cpe:2.3:a:qnap:photo_station:5.6.0
-
cpe:2.3:a:qnap:photo_station:5.6.1
-
cpe:2.3:a:qnap:photo_station:5.6.2
-
cpe:2.3:a:qnap:photo_station:5.6.3
-
cpe:2.3:a:qnap:photo_station:5.7.0