CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-27126

A cross-site scripting (XSS) vulnerability has been reported to affect Notes Station 3. If exploited, the vulnerability could allow authenticated users to inject malicious code via a network. We have already fixed the vulnerability in the following versions: Notes Station 3 3.9.6 and later

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.0%

CVSS Severity

CVSS v3 Score 6.3

References

https://www.qnap.com/en/security-advisory/qsa-24-21

Products affected by CVE-2024-27126

Qnap » Notes Station 3 » Version: 3.9.0

cpe:2.3:a:qnap:notes_station_3:3.9.0
Qnap » Notes Station 3 » Version: 3.9.1

cpe:2.3:a:qnap:notes_station_3:3.9.1
Qnap » Notes Station 3 » Version: 3.9.2

cpe:2.3:a:qnap:notes_station_3:3.9.2
Qnap » Notes Station 3 » Version: 3.9.3

cpe:2.3:a:qnap:notes_station_3:3.9.3
Qnap » Notes Station 3 » Version: 3.9.4

cpe:2.3:a:qnap:notes_station_3:3.9.4
Qnap » Notes Station 3 » Version: 3.9.5

cpe:2.3:a:qnap:notes_station_3:3.9.5

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-27126

Products

Pricing

Contact Us