Vulnerabilities

CVE-2017-15892

by Fred · 28/12/2017

Multiple cross-site scripting (XSS) vulnerabilities in Slash Command Creator in Synology Chat before 2.0.0-1124 allow remote authenticated users to inject arbitrary web script or HTML via (1) COMMAND, (2) COMMANDS INSTRUCTION, or (3) DESCRIPTION parameter.

Date published : 2017-12-28

https://www.synology.com/en-global/support/security/Synology_SA_17_78

Similar

Tags: Cybersecurity Alert