CVE-2015-9104

EPSS 0.6%CWE-79

Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the album title.

Produtos afetados

Synology · Audio Station

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://www.synology.com/en-global/support/security/Audio_Station_5_4_2857 http://www.fortiguard.com/zeroday/FG-VD-15-106