Synology DiskStation Manager Improper Neutralization of Input During Web Page Generation (CVE-2018-13293)

Cross-site scripting XSS vulnerability in Control Panel SSO Settings in Synology DiskStation Manager DSM before 6.2.1-23824 allows remote authenticated users to inject arbitrary web script or HTML via the URL parameter. This plugin only works with Tenable.ot. Please visit...

CVE-2018-13293

Cross-site scripting XSS vulnerability in Control Panel SSO Settings in Synology DiskStation Manager DSM before 6.2.1-23824 allows remote authenticated users to inject arbitrary web script or HTML via the URL parameter...