Vulnerabilities > Synology > Diskstation Manager > 4.2.3243
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-07-24 | CVE-2017-9553 | Unspecified vulnerability in Synology Diskstation Manager A design flaw in SYNO.API.Encryption in Synology DiskStation Manager (DSM) before 6.1.3-15152 allows remote attackers to bypass the encryption protection mechanism via the crafted version parameter. network synology | 4.3 |
2015-06-18 | CVE-2015-4655 | Cross-site Scripting vulnerability in Synology Diskstation Manager Cross-site scripting (XSS) vulnerability in Synology DiskStation Manager (DSM) before 5.2-5565 Update 1 allows remote attackers to inject arbitrary web script or HTML via the "compound" parameter to entry.cgi. | 4.3 |