Qnap: >> License Center >> 1.8.38 Security Vulnerabilities
A cross-site scripting (XSS) vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data.
We have already fixed the vulnerability in the following versions:
License Center 1.8.51 and later
License Center 1.9.51 and later
CVSS Score
4.8
EPSS Score
0.001
Published
2025-08-29