CNNVD-202511-742 Information

CNNVD ID

CNNVD-202511-742

Related CVE

CVE-2025-54167

• CNNVD Published: 2025-11-07

Description (Chinese)

QNAP Notification Center是中国台湾威联通科技（QNAP）公司的一个系统事件的警示和通知软件。 QNAP Notification Center 2.1.0.3443版本、1.9.2.3163版本和3.0.0.3466版本存在跨站脚本漏洞，该漏洞源于容易受到跨站脚本攻击，可能导致绕过安全机制或读取应用数据。

Description (English)

QNAP Notification Center is the warning and notification software for a system incident at QNAP. QNAP Notification Center 2.1.034443, 1.9.2.3163 and 3.0.0.3466 have a cross-site script loophole, which stems from their vulnerability to cross-stop script attacks and may result in bypassing security mechanisms or reading applied data.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

威联通科技

Published

2025-11-07

Last Modified

2026-02-24

References

https://www.qnap.com/en/security-advisory/qsa-25-40 https://access.redhat.com/security/cve/cve-2025-54167

Patch

https://www.qnap.com/en/security-advisory/qsa-25-40