A cross-site scripting (XSS) vulnerability has been reported to affect License Center. If exploited, the vulnerability could allow remote attackers who have gained user access to bypass security mechanisms or read application data.
We have already fixed the vulnerability in the following version:
License Center 1.9.49 and later
CVSS
No CVSS.
References
Link | Resource |
---|---|
https://www.qnap.com/en/security-advisory/qsa-25-11 |
Configurations
No configuration.
History
09 Jun 2025, 12:15
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
06 Jun 2025, 16:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-06-06 16:15
Updated : 2025-06-09 12:15
NVD link : CVE-2024-50406
Mitre link : CVE-2024-50406
CVE.ORG link : CVE-2024-50406
JSON object : View
Products Affected
No product.
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')