Vulnerabilities > Synology > File Station > 1.0.1.0046
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-06-05 | CVE-2018-8923 | Cross-site Scripting vulnerability in Synology File Station Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments. | 5.4 |
2017-12-08 | CVE-2017-15893 | Path Traversal vulnerability in Synology File Station Directory traversal vulnerability in the SYNO.FileStation.Extract in Synology File Station before 1.1.1-0099 allows remote authenticated users to write arbitrary files via the dest_folder_path parameter. | 6.5 |