CVE-2017-16768

2017-12-2717:00:00

synology

www.cve.org

AI Score

4.8

Confidence

High

EPSS

0.001

Percentile

21.6%

JSON

Cross-site scripting (XSS) vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter.

References

www.synology.com/en-global/support/security/Synology_SA_17_81