Cross-site scripting in the Login page in ASUSTOR ADM version 3.1.1 allows malicious users to execute JavaScript via the System Announcement feature.
asustor data_master 3.1.1