3 matches found
CVE-2015-6909
Cross-site scripting XSS vulnerability in the "Create download task via file upload" feature in Synology Download Station before 3.5-2962 allows remote attackers to inject arbitrary web script or HTML via the name element in the Info dictionary in a torrent file...
CVE-2015-6909
Cross-site scripting XSS vulnerability in the "Create download task via file upload" feature in Synology Download Station before 3.5-2962 allows remote attackers to inject arbitrary web script or HTML via the name element in the Info dictionary in a torrent file...
CVE-2015-6909
The CVE-2015-6909 entry concerns Synology Download Station (pre-3.5-2962). A cross-site scripting (XSS) vulnerability exists in the "Create download task via file upload" feature, exploitable by injecting arbitrary web script or HTML through the name element in the Info directory of a torrent fil...