Medium severity5.4NVD Advisory· Published Jun 30, 2017· Updated Jun 17, 2026
CVE-2015-9103
CVE-2015-9103
Description
Multiple cross-site scripting (XSS) vulnerabilities in Synology Note Station 1.1-0212 and earlier allow remote authenticated attackers to inject arbitrary web script or HTML via the (1) note title or (2) file name of attachments.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:synology:note_station:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:synology:note_station:*:*:*:*:*:*:*:*range: <=1.1-0212
- (no CPE)range: <=1.1-0212
- (no CPE)range: 1.0
Patches
Vulnerability mechanics
References
3- www.fortiguard.com/zeroday/FG-VD-15-110nvdThird Party Advisory
- www.fortiguard.com/zeroday/FG-VD-15-111nvdThird Party Advisory
- www.synology.com/en-global/support/security/Note_Station_1_1_0214nvdVendor Advisory
News mentions
0No linked articles in our index yet.