2 matches found
CVE-2018-8912
Cross-site scripting XSS vulnerability in SYNO.NoteStation.Note in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via the commitmsg parameter...
CVE-2018-8912
Synology Note Station (Note Station) contains an XSS in SYNO.NoteStation.Note that affects versions prior to 2.5.1-0844. An authenticated remote attacker can inject arbitrary script/HTML via the commit_msg parameter. Impact is XSS with partial integrity exposures and low confidentiality concerns;...