Network Attached Storage (NAS) maker QNAP has patched its email client Qmailagent to address XSS (Cross-Site Scripting) vulnerability (CVE-2021-34357) that could be exploited to execute arbitrary commands. Qnap strongly recommends that the users update to last versions.

Source: qnap.com