Qnap: >> Qcalagent >> 1.0.38 Security Vulnerabilities
A cross-site scripting (XSS) vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows remote attackers to inject malicious code. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later
CVSS Score
5.3
EPSS Score
0.003
Published
2022-01-14
An open redirect vulnerability has been reported to affect QNAP device running QcalAgent. If exploited, this vulnerability allows attackers to redirect users to an untrusted page that contains malware. We have already fixed this vulnerability in the following versions of QcalAgent: QcalAgent 1.1.7 and later
CVSS Score
6.1
EPSS Score
0.002
Published
2022-01-14