CVE-2015-9104
N/A
N/A
Summary
Cross-site scripting (XSS) vulnerabilities in Synology Audio Station 5.1 before 5.1-2550 and 5.4 before 5.4-2857 allows remote authenticated attackers to inject arbitrary web script or HTML via the album title.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Synology | Audio Station | 5.1 | affected |
| Synology | Audio Station | 5.4 | affected |
Weaknesses
- CWE-79: Cross Site Scripting (CWE-79)
ADP Enrichment
CVE Program Container
Additional References
- https://www.synology.com/en-global/support/security/Audio_Station_5_4_2857
- http://www.fortiguard.com/zeroday/FG-VD-15-106
References
- https://www.synology.com/en-global/support/security/Audio_Station_5_4_2857
- http://www.fortiguard.com/zeroday/FG-VD-15-106
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.