2 matches found
CVE-2018-8910
Cross-site scripting XSS vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...
PT-2018-18709 · Synology · Synology Drive
Name of the Vulnerable Software and Affected Versions: Synology Drive versions prior to 1.0.1-10253 Description: The issue is related to a cross-site scripting XSS vulnerability in the Attachment Preview feature. This allows remote authenticated users to inject arbitrary web script or HTML via...