Vulnerability Details CVE-2025-54168
A cross-site scripting (XSS) vulnerability has been reported to affect QuLog Center. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data.
We have already fixed the vulnerability in the following version:
QuLog Center 1.8.2.923 ( 2025/08/27 ) and later
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 30.4%
CVSS Severity
CVSS v3 Score 4.8
Products affected by CVE-2025-54168
-
cpe:2.3:a:qnap:qulog_center:1.8.0.872