Security ID : QSA-24-21
Multiple Vulnerabilities in Notes Station 3
Release date : September 7, 2024
CVE identifier : CVE-2024-27122 | CVE-2024-27126
Affected products: Notes Station 3 3.9.x
Severity
Moderate
Status
Resolved
Summary
Multiple vulnerabilities have been reported to affect Notes Station 3:
- CVE-2024-27122, CVE-2024-27126: If exploited, the cross-site scripting (XSS) vulnerabilities could allow remote attackers who have gained user access to inject malicious code.
We have already fixed the vulnerabilities in the following versions:
| Affected Product | Fixed Version |
| Notes Station 3 3.9.x | Notes Station 3 3.9.6 and later |
Recommendation
To fix the vulnerabilities, we recommend updating Notes Station 3 to the latest version.
Updating Notes Station 3
- Log on to QTS or QuTS hero as an administrator.
- Open App Center and then click
.
A search box appears. - Type "Notes Station 3" and then press ENTER.
Notes Station 3 appears in the search results. - Click Update.
A confirmation message appears.
Note: The Update button is not available if your Notes Station 3 is already up to date. - Click OK.
The application is updated.
Attachment
Revision History:
V1.0 (September 07, 2024) - Published
