CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23372

A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: QTS 5.0.1.2425 build 20230609 and later QTS 5.1.0.2444 build 20230629 and later QTS 4.5.4.2467 build 20230718 and later QuTS hero h5.1.0.2424 build 20230609 and later QuTS hero h5.0.1.2515 build 20230907 and later QuTS hero h4.5.4.2476 build 20230728 and later

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 52.3%

CVSS Severity

CVSS v3 Score 6.5

References

Products affected by CVE-2023-23372

Qnap » Qts » Version: 4.5.4.1715

cpe:2.3:o:qnap:qts:4.5.4.1715
Qnap » Qts » Version: 4.5.4.1723

cpe:2.3:o:qnap:qts:4.5.4.1723
Qnap » Qts » Version: 4.5.4.1741

cpe:2.3:o:qnap:qts:4.5.4.1741
Qnap » Qts » Version: 4.5.4.1787

cpe:2.3:o:qnap:qts:4.5.4.1787
Qnap » Qts » Version: 4.5.4.1800

cpe:2.3:o:qnap:qts:4.5.4.1800
Qnap » Qts » Version: 4.5.4.1892

cpe:2.3:o:qnap:qts:4.5.4.1892
Qnap » Qts » Version: 4.5.4.1931

cpe:2.3:o:qnap:qts:4.5.4.1931
Qnap » Qts » Version: 4.5.4.2012

cpe:2.3:o:qnap:qts:4.5.4.2012
Qnap » Qts » Version: 4.5.4.2117

cpe:2.3:o:qnap:qts:4.5.4.2117
Qnap » Qts » Version: 4.5.4.2280

cpe:2.3:o:qnap:qts:4.5.4.2280
Qnap » Qts » Version: 4.5.4.2374

cpe:2.3:o:qnap:qts:4.5.4.2374
Qnap » Qts » Version: 5.0.1.2034

cpe:2.3:o:qnap:qts:5.0.1.2034
Qnap » Qts » Version: 5.0.1.2079

cpe:2.3:o:qnap:qts:5.0.1.2079
Qnap » Qts » Version: 5.0.1.2131

cpe:2.3:o:qnap:qts:5.0.1.2131
Qnap » Qts » Version: 5.0.1.2137

cpe:2.3:o:qnap:qts:5.0.1.2137
Qnap » Qts » Version: 5.0.1.2145

cpe:2.3:o:qnap:qts:5.0.1.2145
Qnap » Qts » Version: 5.0.1.2173

cpe:2.3:o:qnap:qts:5.0.1.2173
Qnap » Qts » Version: 5.0.1.2194

cpe:2.3:o:qnap:qts:5.0.1.2194
Qnap » Qts » Version: 5.0.1.2234

cpe:2.3:o:qnap:qts:5.0.1.2234
Qnap » Qts » Version: 5.0.1.2248

cpe:2.3:o:qnap:qts:5.0.1.2248
Qnap » Qts » Version: 5.0.1.2277

cpe:2.3:o:qnap:qts:5.0.1.2277
Qnap » Qts » Version: 5.0.1.2346

cpe:2.3:o:qnap:qts:5.0.1.2346
Qnap » Qts » Version: 5.0.1.2376

cpe:2.3:o:qnap:qts:5.0.1.2376
Qnap » Qts » Version: 5.1.0.2348

cpe:2.3:o:qnap:qts:5.1.0.2348
Qnap » Qts » Version: 5.1.0.2399

cpe:2.3:o:qnap:qts:5.1.0.2399
Qnap » Qts » Version: 5.1.0.2418

cpe:2.3:o:qnap:qts:5.1.0.2418
Qnap » Quts Hero » Version: h4.5.4.1771

cpe:2.3:o:qnap:quts_hero:h4.5.4.1771
Qnap » Quts Hero » Version: h4.5.4.1800

cpe:2.3:o:qnap:quts_hero:h4.5.4.1800
Qnap » Quts Hero » Version: h4.5.4.1813

cpe:2.3:o:qnap:quts_hero:h4.5.4.1813
Qnap » Quts Hero » Version: h4.5.4.1848

cpe:2.3:o:qnap:quts_hero:h4.5.4.1848
Qnap » Quts Hero » Version: h4.5.4.1892

cpe:2.3:o:qnap:quts_hero:h4.5.4.1892
Qnap » Quts Hero » Version: h4.5.4.1951

cpe:2.3:o:qnap:quts_hero:h4.5.4.1951
Qnap » Quts Hero » Version: h4.5.4.1971

cpe:2.3:o:qnap:quts_hero:h4.5.4.1971
Qnap » Quts Hero » Version: h4.5.4.1991

cpe:2.3:o:qnap:quts_hero:h4.5.4.1991
Qnap » Quts Hero » Version: h4.5.4.2052

cpe:2.3:o:qnap:quts_hero:h4.5.4.2052
Qnap » Quts Hero » Version: h4.5.4.2138

cpe:2.3:o:qnap:quts_hero:h4.5.4.2138
Qnap » Quts Hero » Version: h4.5.4.2217

cpe:2.3:o:qnap:quts_hero:h4.5.4.2217
Qnap » Quts Hero » Version: h4.5.4.2272

cpe:2.3:o:qnap:quts_hero:h4.5.4.2272
Qnap » Quts Hero » Version: h4.5.4.2374

cpe:2.3:o:qnap:quts_hero:h4.5.4.2374
Qnap » Quts Hero » Version: h5.0.1.2045

cpe:2.3:o:qnap:quts_hero:h5.0.1.2045
Qnap » Quts Hero » Version: h5.0.1.2192

cpe:2.3:o:qnap:quts_hero:h5.0.1.2192
Qnap » Quts Hero » Version: h5.0.1.2248

cpe:2.3:o:qnap:quts_hero:h5.0.1.2248
Qnap » Quts Hero » Version: h5.0.1.2269

cpe:2.3:o:qnap:quts_hero:h5.0.1.2269
Qnap » Quts Hero » Version: h5.0.1.2277

cpe:2.3:o:qnap:quts_hero:h5.0.1.2277
Qnap » Quts Hero » Version: h5.0.1.2348

cpe:2.3:o:qnap:quts_hero:h5.0.1.2348
Qnap » Quts Hero » Version: h5.0.1.2376

cpe:2.3:o:qnap:quts_hero:h5.0.1.2376
Qnap » Quts Hero » Version: h5.1.0.2409

cpe:2.3:o:qnap:quts_hero:h5.1.0.2409

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-23372

Products

Pricing

Contact Us