Cross-site scripting (XSS) vulnerability in File Station in QNAP QTS prior to 4.2.0 allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
qnap qts