CVE-2019-10634

An XSS vulnerability in the Zyxel NAS 326 version 5.21 and below allows a remote authenticated attacker to inject arbitrary JavaScript or HTML via the user, group, and file-share description fields. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt