CVE-2023-23357

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Published Dec 19, 2024

CWE ID 79

Summary

CVE-2023-23357 is a newly discovered cross-site scripting (XSS) vulnerability that affects several versions of QNAP operating systems. This issue allows remote attackers who have gained administrator access to bypass security mechanisms or read application data. QNAP has released patches for QuLog Center 1.5.0.738, 1.4.1.691, and 1.3.1.645 and later versions to address this vulnerability. If exploited, the vulnerability could potentially lead to serious data breaches or unauthorized system access. Users are strongly advised to update their operating systems to the latest versions to mitigate the risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/pmyTeS
https://www.cve.org/CVERecord?id=CVE-2023-23357
https://nvd.nist.gov/vuln/detail/CVE-2023-23357

Back to Vulnerability Database

CVE-2023-23357

CVSS 3.1 Score 4.8 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations