Cross-Site Scripting (XSS) Vulnerabilities in Synology Note Station 1.1-0212 and Earlier

Cross-Site Scripting (XSS) Vulnerabilities in Synology Note Station 1.1-0212 and Earlier

CVE-2015-9103 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) note title or (2) file name of attachments.

Learn more about our Web App Pen Testing.