CVE-2023-47561

CVSS 3.1 Score 5.4 of 10 (medium)

Details

Published Feb 2, 2024

Updated: Feb 7, 2024

CWE ID 79

Summary

CVE-2023-47561 is a recently identified cross-site scripting (XSS) vulnerability that affects Photo Station. This issue allows authenticated users to inject malicious code into the application via a network. Successful exploitation could lead to various attacks, such as data theft or unauthorized system access. It is recommended that users upgrade to Photo Station 6.4.2 (released on 2023/12/15) or later versions to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

QNAP Photo Station

Affected Vendors

QNAP Systems

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/tS-BGg
https://www.cve.org/CVERecord?id=CVE-2023-47561
https://nvd.nist.gov/vuln/detail/CVE-2023-47561

Back to Vulnerability Database