Cross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) before 5.2-5565 Update 1 allows remote attackers to inject arbitrary web script or HTML via the “compound” parameter to entry.cgi.
CPE | Name | Operator | Version |
---|---|---|---|
diskstation_manager | eq | <= 5.2-5565 |