CVE-2015-6913 in Download Stationinformation

Résumé

par MITRE

Cross-site scripting (XSS) vulnerability in the "Create download task via URL" feature in Synology Download Station before 3.5-2967 allows remote attackers to inject arbitrary web script or HTML via the urls parameter in an add_url_task action to dlm/downloadman.cgi.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Réserver

11/09/2015

Divulgation

11/09/2015

Modérer

accepté

Entrée

VDB-77683

CPE

prêt

EPSS

0.01917

KEV

non

Activités

très faible

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!