CVE-2012-1556

Currently unrated

Key Information:

Vendor
Synology
Status
Diskstation Manager
Synology Photo Station
Vendor
CVE Published:
12 September 2014

Summary

Cross-site scripting (XSS) vulnerability in Synology Photo Station 5 for DiskStation Manager (DSM) 3.2-1955 allows remote attackers to inject arbitrary web script or HTML via the name parameter to photo/photo_one.php.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/73976
vdb-entryx_refsource_XF
http://osvdb.org/80034
vdb-entryx_refsource_OSVDB
http://archives.neohapsis.com/archives/bugtraq/2012-03/00...
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Collectors

NVD DatabaseMitre Database
.