CVE-2024-32768

CVSS 3.1 Score 6.3 of 10 (medium)

Details

Published Nov 22, 2024
CWE ID 79

Summary

CVE-2024-32768 is a newly disclosed cross-site scripting (XSS) vulnerability that affects Photo Station. Successful exploitation of this weakness allows remote attackers with user access to inject malicious code. It is essential to note that gaining user access is a prerequisite for exploitation. The issue has been remedied in Photo Station versions 6.4.3 and later, which were released on July 12, 2024. Users are encouraged to update their systems to mitigate this risk.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

  • QNAP Photo Station

Affected Vendors

  • QNAP Systems