The vulnerability have been reported to affect earlier versions of Helpdesk. If exploited, this cross-site request forgery (CSRF) vulnerability could allow attackers to force NAS users to execute unintentional actions through a web application. QNAP has already fixed the issue in Helpdesk 3.0.3 and later.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: qnap

Published: 2020-09-11T14:12:56

Updated: 2024-08-05T11:51:17.945Z

Reserved: 2018-12-07T00:00:00

Link: CVE-2018-19948

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2020-09-11T15:15:10.993

Modified: 2020-09-16T19:20:46.457

Link: CVE-2018-19948

cve-icon Redhat

No data.