CVE-2019-11826
The CVE-2019-11826 issue affects Synology Moments prior to 1.3.0-0691, due to a path traversal vulnerability in SYNO.PhotoTeam.Upload.Item. The underlying problem allows remote authenticated users to upload arbitrary files via the name parameter. Evidence across multiple sources confirms the affe...