CVE-2024-32768
CVSS 3.1 Score 6.3 of 10 (medium)
Details
Published Nov 22, 2024
CWE ID 79
Summary
CVE-2024-32768 is a newly disclosed cross-site scripting (XSS) vulnerability that affects Photo Station. Successful exploitation of this weakness allows remote attackers with user access to inject malicious code. It is essential to note that gaining user access is a prerequisite for exploitation. The issue has been remedied in Photo Station versions 6.4.3 and later, which were released on July 12, 2024. Users are encouraged to update their systems to mitigate this risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share
Affected Products
- QNAP Photo Station
Affected Vendors
- QNAP Systems