CVE-2015-6913

2015-09-11T12:59:19
ID CVE-2015-6913
Type cve
Reporter NVD
Modified 2018-10-09T15:57:57

Description

Cross-site scripting (XSS) vulnerability in the "Create download task via URL" feature in Synology Download Station before 3.5-2967 allows remote attackers to inject arbitrary web script or HTML via the urls parameter in an add_url_task action to dlm/downloadman.cgi.