Medium severity5.4NVD Advisory· Published Aug 11, 2017· Updated Jun 17, 2026
CVE-2017-9556
CVE-2017-9556
Description
Cross-site scripting (XSS) vulnerability in Video Metadata Editor in Synology Video Station before 2.3.0-1435 allows remote authenticated attackers to inject arbitrary web script or HTML via the title parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3cpe:2.3:a:synology:video_station:*:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:synology:video_station:*:*:*:*:*:*:*:*range: <=2.2.1-1364
- (no CPE)range: <2.3.0-1435
- (no CPE)range: before 2.3.0-1435
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.