3 matches found
CVE-2018-8915
Cross-site scripting XSS vulnerability in Notification Center in Synology Calendar before 2.1.1-0502 allows remote authenticated users to inject arbitrary web script or HTML via title parameter...
CVE-2018-8915
Cross-site scripting XSS vulnerability in Notification Center in Synology Calendar before 2.1.1-0502 allows remote authenticated users to inject arbitrary web script or HTML via title parameter...
CVE-2018-8915
The CVE concerns Synology Calendar’s Notification Center where an XSS vulnerability exists in the title parameter for versions before 2.1.1-0502. Remote authenticated users can inject arbitrary web script or HTML by supplying a crafted title, potentially impacting user sessions or data displayed ...