Unrated severityNVD Advisory· Published Apr 1, 2019· Updated Sep 16, 2024
CVE-2017-16774
CVE-2017-16774
Description
Cross-site scripting (XSS) vulnerability in SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) before 6.1.4-15217-3 allows remote authenticated users to inject arbitrary web script or HTML via the package parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<6.1.4-15217-3+ 1 more
- (no CPE)range: <6.1.4-15217-3
- (no CPE)range: unspecified
Patches
Vulnerability mechanics
References
1- www.synology.com/security/advisory/Synology_SA_18_26mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.