CVE-2010-2453
CVE-2010-2453 describes multiple cross-site scripting (XSS) vulnerabilities in Synology DiskStation 2.x, prior to DSM3.0-1337. The issue arises when an attacker uses the FTP server to trigger the FTP logging module to write crafted USER or PASS entries into a web-interface log window, enabling ar...