Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the "Create download task via URL" feature in Synology Download Station before 3.5-2967 allows remote attackers to inject arbitrary web script or HTML via the urls parameter in an add_url_task action to dlm/downloadman.cgi.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Synology Video Station 跨站脚本漏洞
Vulnerability Description
Synology Video Station是群晖科技(Synology)公司的一款视频管理器。 Synology Download Station 3.5-2967之前版本的‘Create download task via URL’功能中存在跨站脚本漏洞,该漏洞源于dlm/downloadman.cgi文件没有充分过滤add_url_task操作中的‘urls’参数。远程攻击者可利用该漏洞注入任意Web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A