Vulnerabilities > Synology > Calendar > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-12 | CVE-2022-22682 | Cross-site Scripting vulnerability in Synology Calendar Improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability in Event Management in Synology Calendar before 2.4.5-10930 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2019-05-09 | CVE-2019-11820 | Insufficiently Protected Credentials vulnerability in Synology Calendar Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline. | 2.1 |
| 2018-05-10 | CVE-2018-8915 | Cross-site Scripting vulnerability in Synology Calendar Cross-site scripting (XSS) vulnerability in Notification Center in Synology Calendar before 2.1.1-0502 allows remote authenticated users to inject arbitrary web script or HTML via title parameter. | 3.5 |