Synology DiskStation Manager (DSM) is an operating system used on network storage servers (NAS) by Synology Inc. of Taiwan, China. An injection vulnerability exists in Synology DiskStation Manager, which stems from a downstream component of the product that does not securely filter special characters in the input data. An attacker could use this vulnerability to inject arbitrary web script or HTML via unspecified vectors to authenticate users.