Vulnerabilities > Synology > SSO Server > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-08-03 | CVE-2022-27620 | Path Traversal vulnerability in Synology SSO Server 2.1.30129 Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in webapi component in Synology SSO Server before 2.2.3-0331 allows remote authenticated users to read arbitrary files via unspecified vectors. | 4.9 |
2019-04-01 | CVE-2017-16775 | Improper Input Validation vulnerability in Synology SSO Server Improper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors. | 6.1 |