2 matches found
CVE-2017-16768
Cross-site scripting XSS vulnerability in User Policy editor in Synology MailPlus Server before 1.4.0-0415 allows remote authenticated users to inject arbitrary HTML via the name parameter...
CVE-2017-16768
CVE-2017-16768 is a cross-site scripting (XSS) vulnerability in the User Policy editor of Synology MailPlus Server prior to version 1.4.0-0415. The issue allows remote authenticated users to inject arbitrary HTML via the name parameter, with impact described as partial integrity impact and low co...