Multiple cross-site scripting (XSS) vulnerabilities in Synology Video Station 1.2 prior to 1.2-0455, 1.5 prior to 1.5-0772, and 1.6 prior to 1.6-0847 allow remote authenticated malicious users to inject arbitrary web script or HTML via the (1) file name or (2) collection name of videos.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
synology video station 1.6-0844 |
||
synology video station 1.6-0840 |
||
synology video station 1.5-0770 |
||
synology video station 1.2-0439 |
||
synology video station 1.2-0443 |
||
synology video station 1.5-0763 |
||
synology video station 1.5-0757 |
||
synology video station 1.5-0754 |
||
synology video station 1.5-0753 |
||
synology video station 1.2-0453 |
||
synology video station 1.6-0841 |
||
synology video station 1.6-0835 |
||
synology video station 1.2-0447 |
||
synology video station 1.2-0451 |