A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow remote attackers who have gained user access to inject malicious code. We have already fixed the vulnerability in the following version: Photo Station 6.4.3 ( 2024/07/12 ) and later
History

Fri, 22 Nov 2024 17:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 22 Nov 2024 15:45:00 +0000

Type Values Removed Values Added
Description A cross-site scripting (XSS) vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow remote attackers who have gained user access to inject malicious code. We have already fixed the vulnerability in the following version: Photo Station 6.4.3 ( 2024/07/12 ) and later
Title Photo Station
Weaknesses CWE-79
References
Metrics cvssV3_1

{'score': 6.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: qnap

Published:

Updated: 2024-11-22T16:44:56.903Z

Reserved: 2024-04-18T08:14:16.553Z

Link: CVE-2024-32770

cve-icon Vulnrichment

Updated: 2024-11-22T16:35:13.946Z

cve-icon NVD

Status : Received

Published: 2024-11-22T16:15:22.893

Modified: 2024-11-22T16:15:22.893

Link: CVE-2024-32770

cve-icon Redhat

No data.