Search

Security ID : NAS-201808-23

Security Advisory for XSS Vulnerability in Photo Station

  • Release date : August 23, 2018

  • CVE identifier : CVE-2018-0715

  • Affected products: Photo Station versions 5.7.0 and earlier

Severity

Moderate

Status

Resolved

Summary

A cross-site scripting vulnerability has been reported to affect Photo Station versions 5.7.0 and earlier.

If successfully exploited, the vulnerability could allow remote attackers to inject Javascript code in the compromised application.

We have already fixed these issues in Photo Station version 5.7.1 and later.

Recommendation

To resolve the issue, you must update your Photo Station to the latest version.

Upgrading to Photo Station

  1. Log on to QTS as administrator.
  2. Open the App Center, and then click the Search icon.
    A search box appears.
  3. Type “Photo Station”, and then press ENTER.
    The Photo Station application appears in the search results list.
  4. Click Update.
    A confirmation message appears.
  5. Click OK.
    The application is updated.

 

Acknowledgements: Mitsuaki “Mitch” Shiraishi of Secureworks Japan

Revision History: V1.0 (August 23, 2018) - Published

Choose specification

      Show more Less

      Choose Your Country or Region

      open menu
      back to top