Skip to main content

Quftp Service

1 CVEs product

Monthly

CVE-2026-22895 MEDIUM PATCH This Month

A cross-site scripting (XSS) vulnerability exists in QuFTP Service that allows authenticated remote attackers with administrator credentials to bypass security mechanisms and read application data. The vulnerability affects multiple versions of QuFTP Service across different release branches (1.4.x, 1.5.x, and 1.6.x prior to specified patch versions). While no CVSS score, EPSS probability, or KEV status is currently available, the requirement for administrator-level access significantly constrains real-world exploitation risk.

XSS Quftp Service
NVD VulDB
CVSS 4.0
6.2
EPSS
0.1%
EPSS 0% CVSS 6.2
MEDIUM PATCH This Month

A cross-site scripting (XSS) vulnerability exists in QuFTP Service that allows authenticated remote attackers with administrator credentials to bypass security mechanisms and read application data. The vulnerability affects multiple versions of QuFTP Service across different release branches (1.4.x, 1.5.x, and 1.6.x prior to specified patch versions). While no CVSS score, EPSS probability, or KEV status is currently available, the requirement for administrator-level access significantly constrains real-world exploitation risk.

XSS Quftp Service
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy