CNNVD-202511-746 Information

CNNVD ID

CNNVD-202511-746

Related CVE

CVE-2025-58465

• CNNVD Published: 2025-11-07

Description (Chinese)

QNAP Download Station是中国台湾威联通科技（QNAP）公司的一个基于网页的下载工具。 QNAP Download Station存在跨站脚本漏洞，该漏洞源于容易受到跨站脚本攻击，可能导致绕过安全机制或读取应用程序数据。

Description (English)

QNAP Download State is a web-based downloading tool for QNAP. QNAP Download State has a cross-site script loophole, which stems from its vulnerability to cross-site script attacks and may result in bypassing security mechanisms or reading application data.

Hazard Level

Medium

Vulnerability Type

跨站脚本

Affected Vendor

威联通科技

Published

2025-11-07

Last Modified

2026-02-24

References

https://www.qnap.com/en/security-advisory/qsa-25-37 https://access.redhat.com/security/cve/cve-2025-58465

Patch

https://www.qnap.com/en/security-advisory/qsa-25-37