CVE-2017-13068

QNAP has already patched this vulnerability. This security concern allows a remote attacker to perform an SQL injection on the application and obtain Helpdesk application information. A remote attacker does not require any privileges to successfully execute this attack. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt