This entry was written by Vigil @ nce: http://vigilance.fr/offre
SYNTHESIS OF THE VULNERABILITY
An attacker can create a Cross Site Scripting in Note Note Station Synology Station, in order to execute JavaScript code in the context of the web site
Affected products. Synology DSM
Gravity. 2/4
.
Date established:. 09/14/2015
DESCRIPTION OF THE VULNERABILITY
Note Station Synology product has a web service
However. the received data is not filtered before being inserted into the generated HTML documents.
An attacker can therefore generate a Cross Site Scripting in Note Station Synology Note Station, in order to execute JavaScript code in the context of the website
ACCESS TO THE COMPLETE VIGIL @ NCE BULLETIN
http:. //vigilance.fr/vulnerabilite/S …
No comments:
Post a Comment