Security ID : QSA-24-39
Multiple Vulnerabilities in Photo Station
Release date : November 23, 2024
CVE identifier : CVE-2024-32767 | CVE-2024-32768 | CVE-2024-32769 | CVE-2024-32770
Affected products: Photo Station 6.4.x
Severity
Moderate
Status
Resolved
Summary
Multiple vulnerabilities have been reported to affect Photo Station:
- CVE-2024-32767, CVE-2024-32768, CVE-2024-32769, CVE-2024-32770: If exploited, the cross-site scripting (XSS) vulnerabilities could allow remote attackers who have gained user access to bypass security mechanisms or read application data.
We have already fixed the vulnerabilities in the following version:
| Affected Product | Fixed Version |
| Photo Station 6.4.x | Photo Station 6.4.3 (2024/07/12) and later |
Recommendation
To fix the vulnerabilities, we recommend updating Photo Station to the latest version.
Updating Photo Station
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "Photo Station" and then press ENTER.
Photo Station appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your Photo Station is already up to date. - Click OK.
The application is updated.
Attachment
Acknowledgements: Nemar Nil
Revision History:
V1.0 (November 23, 2024) - Published
