Cross-Site Scripting Vulnerability in Synology Photo Station for DiskStation Manager
CVE-2012-1556

Currently unrated

Key Information:

Vendor

Synology
Status
Diskstation Manager
Synology Photo Station
Vendor
CVE Published:
12 September 2014

What is CVE-2012-1556?

An XSS vulnerability exists in Synology Photo Station 5 for DiskStation Manager 3.2-1955 that could be exploited by remote attackers. By manipulating the name parameter in requests to photo/photo_one.php, attackers can inject and execute arbitrary web scripts or HTML. This poses significant risks, including unauthorized access to user credentials and exposure of sensitive information.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/73976
vdb-entryx_refsource_XF
http://osvdb.org/80034
vdb-entryx_refsource_OSVDB
http://archives.neohapsis.com/archives/bugtraq/2012-03/00...
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.