cvedb.io
CVE-2021-38681
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2021-11-20T01:15:08.303 · Last modified 2026-06-17T04:02:34.823

Summary

A reflected cross-site scripting (XSS) vulnerability has been reported to affect QNAP NAS running Ragic Cloud DB. If exploited, this vulnerability allows remote attackers to inject malicious code. QNAP have already disabled and removed Ragic Cloud DB from the QNAP App Center, pending a security patch from Ragic.

Affected products

qnap — ragic_cloud_db

Does this affect you?

Add your gear to cvedb and we'll alert you only when qnap ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.