Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.Referenceshttps://www.qnap.com/zh-tw/security-advisory/nas-201804-23
