CVE-2020-2493: XSS
First published: Thu Dec 10 2020(Updated: )
This cross-site scripting vulnerability in Multimedia Console allows remote attackers to inject malicious code. QANP have already fixed this vulnerability in Multimedia Console 1.1.5 and later.
Credit: security@qnapsecurity.com.tw
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Qnap Multimedia Console | <1.1.5 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2020-2493?
CVE-2020-2493 is a cross-site scripting vulnerability in Multimedia Console that allows remote attackers to inject malicious code.
How can remote attackers exploit CVE-2020-2493?
Remote attackers can exploit CVE-2020-2493 by injecting malicious code through the vulnerability in Multimedia Console.
What is the severity of CVE-2020-2493?
The severity of CVE-2020-2493 is medium, with a severity value of 6.1.
Has QANP fixed CVE-2020-2493?
Yes, QANP has fixed CVE-2020-2493 in Multimedia Console version 1.1.5 and later.
Where can I find more information about CVE-2020-2493?
You can find more information about CVE-2020-2493 at the following reference: [https://www.qnap.com/en/security-advisory/qsa-20-14](https://www.qnap.com/en/security-advisory/qsa-20-14)
- collector/nvd-index
- vendor/qnap
- canonical/qnap multimedia console