CVE-2018-0719 (qts)

maltiger

Cross-site scripting (XSS) vulnerability in QNAP QTS 4.2.6 build 20180711 and earlier versions, 4.3.3 build 20180725 and earlier versions, and 4.3.4 build 20180710 and earlier versions could allow remote attackers to inject javascript code.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0719