3 matches found
CVE-2017-9555
Cross-site scripting XSS vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.0-3414 allows remote attackers to inject arbitrary web script or HTML via the image parameter...
CVE-2017-9555
Cross-site scripting XSS vulnerability in PixlrEditorHandler.php in Synology Photo Station before 6.7.0-3414 allows remote attackers to inject arbitrary web script or HTML via the image parameter...
CVE-2017-9555
Synology Photo Station CVE-2017-9555 is an XSS in PixlrEditorHandler.php exploitable on versions prior to 6.7.0-3414. A remote attacker can inject arbitrary script via the image parameter. Affected software is Synology Photo Station; patch requires upgrading to 6.7.0-3414 or later as remediation ...