3 matches found
CVE-2018-8910
Cross-site scripting XSS vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...
CVE-2018-8910
Cross-site scripting XSS vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments...
CVE-2018-8910
CVE-2018-8910 is a cross-site scripting (XSS) vulnerability in Synology Drive’s Attachment Preview prior to 1.0.1-10253. An authenticated remote user can inject arbitrary web script or HTML via a malicious attachment. The publicly documented details indicate network access with low attack complex...