CVE-2017-16774

2019-04-01T15:29:00
ID CVE-2017-16774
Type cve
Reporter cve@mitre.org
Modified 2019-10-09T23:25:00

Description

Cross-site scripting (XSS) vulnerability in SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) before 6.1.4-15217-3 allows remote authenticated users to inject arbitrary web script or HTML via the package parameter.