Medium severity6.5NVD Advisory· Published May 10, 2018· Updated Jun 17, 2026
CVE-2018-8910
CVE-2018-8910
Description
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.0.1-10253
- Synology/Drivev5Range: unspecified
Patches
Vulnerability mechanics
References
1- www.synology.com/en-global/support/security/Synology_SA_18_05nvdVendor Advisory
News mentions
0No linked articles in our index yet.