RSS   Vulnerabilities for 'Note station'   RSS

2019-06-30
 
CVE-2019-11827

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Shard in Synology Note Station before 2.5.3-0863 allows remote attackers to inject arbitrary web script or HTML via the object_id parameter.

 
2018-05-09
 
CVE-2018-8912

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Note in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via the commit_msg parameter.

 
 
CVE-2018-8911

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

 
2017-06-30
 
CVE-2015-9103

 

 
Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) note title or (2) file name of attachments.

 

 >>> Vendor: Synology 34 Products
DSM
Diskstation manager
Synology photo station
Ds photo+
Ds file
Ds audio
Cloud station
Photo station
Download station
Video station
Note station
Audio station
CHAT
Office
Photo station uploader
Assistant
Dns server
Router manager
Cloud station backup
Cloud station drive
Skynas
Virtual diskstation manager
Vs960hd firmware
Media server
Calendar
Drive
File station
Ds107 firmware
Ds116 firmware
Ds213 firmware
Vs960hd
Mailplus server
Ssl vpn client
Moments


Copyright 2019, cxsecurity.com

 

Back to Top